Email spoofing is a type of cyber-attack whereby the attacker sends an email that appears to be from a legitimate source, but it’s not.
The sender may use a fake email address, display name, or other details within the email header to deceive the recipient into believing that the message is from a trusted source.
There are many reasons an attacker may use email spoofing against victims, but it often involves tricking the recipient into disclosing sensitive information or downloading malware onto their device.
For example, a cybercriminal may spoof an email to make it look like it’s coming from the bank when it’s coming from them. When the recipient clicks on the link in the email, they may be directed to a fake website where they’re asked to enter their personal and financial details. In this case, the attacker can use this information to commit fraud.
Email spoofing can be difficult to detect, but you can reduce the risk of such attacks by being cautious with links and attachments, staying vigilant through security awareness training and take steps to verify the email sender by checking their email address for anomalies and calling the sender to check that they have sent the email.
For more information about email spoofing, other potential phishing attacks and guidance on how to best support your business and team from cyber-crime please contact [email protected].
Plus sign up for our free core membership to stay up to date with the latest cyber security updates and gain access to a wealth of handy resources.
The NEBRC is a non-profit organisation that seeks to educate, inform, and support businesses across the UK on how to stay safe online through reliable cyber security practices.