What is email spoofing?
Email spoofing is the act of misleading an email recipient about the origin of that email - it may look like it's coming from a familiar sender or domain, but it's actually coming from somewhere else. The two most common email spoofing techniques are:
- Changing the From: name in an email to trick the recipient into thinking the email comes from someone other than who really sent it.
- Sending emails from a domain that looks similar to a legitimate sender's domain.
For instance, you might get an email that looks like it's from "John Smith (firstname.lastname@example.org)", but the header From line actually says "email@example.com".
How to spot email spoofing and what to do about it
Spoof emails often:
- ask you to follow a link and/or respond with sensitive information
- make things seem like an emergency or a time sensitive situation
If you suspect email spoofing, immediately read the email's header to confirm what domain sent the email. Look for From:, X-Sender: or Reply-to: in the header for the best information.
If you receive an email that you think is spoofed or fake, reach out to the sender by another means. Don't reply to the suspicious email sent to you. Instead, contact the sender at a pre-existing contact point you already have, like a known good phone number or email address.
- If you believe someone is sending emails pretending to be you, consider adding an SPF record to your domain DNS. This is not the ultimate solution but can help.
- Linux Hosting, VPS, and Dedicated servers can also add a DKIM or DMARC record as an additional layer to help prevent spoofing.