Spoofing allows the attacker to impersonate people or organizations for various reasons.
That’s scary, so how does it work?
Spoofing plays a major role in email-basedphishingor so-called 419 scams.
How Spoofing Works
Email spoofing is surprisingly easy to do.
It works by modifyingthe email “header,“a collection of metadata about the email.
The information you see in your mail app is pulled from the email header.
The SMTP (Simple Mail Transport Protocol) doesn’t make any provision to authenticate email addresses.
Related:What Can You Find in an Email Header?
This will result in an email that, on the surface, shows you aforged origin address.
Here we’ll use Gmail as an example since it’s both popular and easy to do.
Next to “Received” you’ll see a server URL and also an IP address.
To confirm this, copy the IP address and paste it intoDomainTools’s WhoIs Lookup.
As the results show, this IP address originates from Singapore and comes from a Microsoft domain.
It’s highly unlikely it’s really from Costco, so this is probably a scam email!
(Don’t use any phone numbers provided in the email, however.)
A 30-second conversation can 100% confirm whether you’re the victim of spoofing or not!
Related:How to Spot a Fraudulent Website
