Email spoofing is an attack where hackers make it appear that an email originates from a different address than it does. Spoofing allows the attacker to impersonate people or organizations for various reasons. That’s scary, so how does it work?
Why Email Spoofing Happens
Email spoofing is a form of impersonation, and usually, it forms part of a different type of scam or attack. Spoofing plays a major role in email-based phishing or so-called 419 scams. An email arrives in your mailbox purporting to be from your bank, an online payment processor, or in the case of spear phishing, someone you know personally.
The email often contains a link you’re asked to click, which takes you to a fake version of a real site where your username and password are harvested.
In the case of CEO fraud, or where attackers impersonate vendors or business partners, the emails ask for sensitive information or request bank transfers to accounts the hackers control.
How Spoofing Works
Email spoofing is surprisingly easy to do. It works by modifying the email “header,” a collection of metadata about the email. The information you…
Read Full Article Source