What is email spoofing?
We often receive phishing emails containing dubious sender addresses. Sometimes, the emails forge the email address of a widely well-known person. Sometimes, suspicious emails are sent from the email address of someone closely known to us. But how do attackers make this possible?
Email spoofing is the technique of sending an illegitimate email from a forged sender address. In the spoofed email, the From field shows the email address that was forged to send the email. Attackers often use this technique for malicious purposes like phishing or spreading malware.
How is email spoofing done?
There are a number of ways email spoofing can be done. One can send emails from a different sender address in an SMTP server. SMTP server usually gives the user this option.
However, attackers mainly use malicious software to send spoofed emails. They first infect a computer with malware, which searches for email addresses in the computer. After collecting a number of email addresses, spoofed emails are sent using malware that forges legitimate email addresses found in the computer.
For example, an attacker may first infect Alice’s computer and collect Bob’s and Charlie’s email addresses. Then, the attacker can use the malware to send an email to Charlie by forging Bob’s email address. If Charlie knows Bob, it is more probable that Charlie will open the email and think it has actually come from Bob.
Purpose of email spoofing
In earlier days, legitimately spoofed emails were common. For example, an email address may automatically forward emails to another email address, which may accept emails only from the email forwarder. Users can legitimately spoof email addresses, in this case, for convenience.
However, attackers spoof email addresses to phish or spread malware. If the sender of the email seems authentic, the probability that the victim will open the email increases. After that, the victim may click on a malware-laden attachment or any other malicious link.
0 Comments