Have you ever gotten an email that appeared to be from a friend or colleague (or even worse, from yourself) but the subject and text were obviously not something that he or she would send? Or have you ever gotten an undeliverable email notice for an email that you never sent out? Both of these incidents indicate email spoofing has taken place.Spoofing is a way of sending counterfeit email using stolen addresses without the real address owner’s knowledge or permission.
This forgery of the email’s “from” address is a favorite technique of spammers and phishers to try to get you to respond to their emails. Often the practice is associated with a website that has been spoofed. An email may appear to be from the IRS and the email contains a link to what looks like the IRS website, however, it is a phishing email that has spoofed the IRS email address and their website. Any personal information entered on the spoofed website would be stolen – putting you at risk of identity theft.
How do they steal the email addresses?
Scammers write programs that gather email addresses from websites, discussion boards, blogs, etc. Also, worms and viruses collect email addresses from the address books on computers they infect. Unfortunately, there is almost nothing that can be done to prevent spoofing.
Steps to be taken if your mail Identity has been spoofed
- Report about the Spoofed mails to your Internet Service provider and notify them through Email.
- Change your password immediately for all your other email accounts.
- Enable Sender filtering
- Enable recipient filtering
- Further do not respond to any mails which have personal information from the forged Mail ID
- Add and update the block list regularly with the spammers, either their domain name or their email addresses
- Download Exchange tools and RUN it to make sure your server is safe and healthy