What is email spoofing, and how can you protect yourself?

SECURITY

Oliver Haslam by Oliver Haslam

Email scams are nothing new. They’ve been around as long as email itself, and we’ve spoken about them before. One thing to watch out for in particular is spoofed email.

What is spoofed email?

Spoofed email is email where the sender is pretending to be someone they’re not. When setting up an email account, people can enter any name they want. Someone could call themselves Michael Jordan, and any emails they send would look like they came from the superstar basketball player. But they probably can’t dunk – let alone sink a freethrow with such style.

If entering the wrong name was all a scammer did, it would be easier to spot. Michael Jordan’s email address probably isn’t baseballman23@yahoo.com, so it would be safe to mark that one as spam and move on.

But what if someone goes the extra mile to spoof the email address, too? That makes it trickier to catch. Even trickier still is when a scammer uses your own email address. This can make it look like they have access to your email account, but the majority of times they don’t. Nor do you need to send them $1,000 in cryptocurrency, despite what they say. It’s all a facade and an easy one to fall foul of, but there are steps you can take to guard against these kinds of attacks.

Redacted Gmail

How to protect yourself from spoofed email

Prevention is better than cure, and that’s why you should make sure that your spam filters or other safeguards are turned on and fully updated. Modern email services do a great job of intercepting a lot of email that claims to be something it isn’t, but they don’t catch it all.

Here are some steps you can take to protect yourself:

  • Pay attention to the name and email address. If they don’t match or make sense, be suspicious. If an email appears to be from you, then it’s probably not what it claims to be and can be deleted.
  • Look out for grammar and tone that seems off. You probably know what an email from your mom reads like, so if it reads differently, it’s likely that something isn’t as it appears. Grammar and tone are useful ways of identifying whether an email can be trusted.
  • Contact the sender offline. Don’t reply to a suspicious email claiming to be from someone you know if something raises the alarm. Call or text them and ask if they really sent the message.
  • Be wary of a request for action. Don’t click links or download file attachments you’re not expecting. Scammers use these as ways to get into computers or accounts.

It’s a fact of life that people will try to dupe you on the Internet, but it’s possible to arm yourself with the tools and information to fight back. It’s always wise to be suspicious of things that appear too good to be true or don’t quite feel right. Spam email is a great example, because there are always signs that can tip you off.

How 1Password protects you

Redacted Gmail

The combination of knowledge and vigilance will get your pretty far. Combine those with smart technology, and you can protect yourself from anyone trying to get your information. 1Password can act as another line of defense and catch scams even when you don’t.

If an email urges you to log in to PayPal to confirm a purchase, 1Password will notice if the address is something like paypai.com or any fraudulent variation and refuse to fill your password. That way your sensitive information stays in your hands – not an attacker’s. And 1Password never takes a day off, so you can rest easy..

Oliver Haslam

Word Wrangler

Oliver Haslam - Word Wrangler Oliver Haslam - Word Wrangler

Tweet about this post

Continue Reading