What is Email Spoofing?
Email spoofing is like when a spam sender pretends to be someone else by faking the “From”
address in an email. So, the email looks like it’s coming from a real person or company you might
know, instead of the spammer. This trick makes you more likely to open the email because it
seems trustworthy.
What to Look for
If you think an email is fake, you can usually find the real computer address (called an IP address)
that sent it hidden in the email’s details (the header). This helps you see where the message really
came from. You can then tell that computer’s internet company to block the address. This might
stop the fake emails and those ‘failed delivery’ messages you get in the short run.
In the header of the email, you should be see something like this:
Received: from [11.22.33.44] (11.22.33.44.servername.com [11.22.33.44])(Authenticated sender:
[email protected])by something.servername.com (Postfix) with ESMTPA;
Fri, 4 Jul 2016 19:28:23 +0000 (UTC)This example shows how fake info can be used. But the important thing to look for is
“Authenticated sender.” This means the email was sent properly, with a real username and
password, through the right email system. If you see this and still think the email is fake, that’s
when you should do a full computer virus scan and change your password, like we talked about
before.
How to Prevent Email Spoofing
You can’t totally stop fake emails, but here are some good habits to follow:
- Change your email password often.
- Check your computer for viruses completely at least once a week.
- Don’t put your real email address out in the open online. If you need to, try writing it like
this: yourname [at] example [dot] com . This can confuse programs that collect email
addresses for spam. - Don’t use your main email for everything online. For things like newsletters or sign-up
forms, use a free, temporary email address that you don’t care about losing if it gets
spammed. - Only use your main email to talk to people you know and trust.
