If you’re incorporating email into your lead generation efforts, you should be aware of how this medium can be manipulated. Hackers and social engineers are using dormant email addresses and abandoned or newly minted domains to trick email recipients in a practice called email spoofing.
How does someone spoof an email, and how is your URL possibly being used to spam and scam people you want to convert from leads to loyal customers?
What is Email Spoofing?
Spoofing is a broad term that covers several fraudulent practices using email. They can be sent from external sources as unauthorized email to customers who haven’t requested information or opted-in to a subscriber list. Spoofed emails can also be generated internally – or appear to come from someone within an organization – in spear phishing attempts. This type seems to come from someone who has been granted certain access permissions in an effort to trick the recipient into giving the fake sender passwords or account numbers.
Spoofed emails either have a fictitious sender and a real email address or use a fake/abandoned address that redirects the user to a landing page or allows the sender to insert malicious code into bad links. The perpetrators can also falsify the return-to and reply paths to redirect legitimate emails.
Unfortunately, some of the largest names in the email industry like the free version of Google (as well as AOL, Yahoo, Microsoft, and Apple) have sold their customers out by allowing third-party access of account-holder email addresses to advertisers, government agencies, and probably spoofers as well. As many are realizing, the few bucks a month it costs to subscribe to a secure email platform that uses end-to-end encryption is fast becoming a no-brainer in the battle to beat the bad guys. If you haven’t been the victim of a spoofing or phishing attack yet, it’s likely just a matter of time. Truly secure email is a strong preventative first step.
How to Spot a Spoofed Email?
Look at the images below to see the difference in the path of travel between a legitimate and spoofed email.
Most of the time, you can spot a phony email if you know where to look and how they’re typically altered. If you suspect that an email is sent from an imposter, compare certain details against a previous message that you know is legitimate. Is the sender’s address formatted the same? Are they asking for your password? Most companies won’t.
The best signs of fakery are in the header. Sometimes, the mail will appear to be from someone you’ve had contact with before, but the URL will be different. Say, for example, that an email is sent to you from someone who’s supposedly a previous contact on LinkedIn. The URL in the email address would say from firstname.lastname@example.org. If the name of the sender in the URL is different, such as LinkedIn.com or it doesn’t have the name of the company at all, it’s a fake.
You can obtain a lot of information in the header, including the IP address of the sender, which can be investigated further through Whois.
Another common gimmick is to claim that there’s a problem with your account or you have a delivery waiting. I’ve had many fake Amazon and FedEx scam emails sent to me. They usually provide a link to follow to login to your account, though are getting more clever with their methods all the time. If you’re foolish enough to do so, you’ve just handed over the keys to that account.
I’ve received these from Twitter, Gmail, and PayPal as well. Some of them look pretty authentic at first glance, but they usually copy/paste the real company logo or use one that’s similar but for a few minor details. The same goes for URLs and names.
Sometimes, the information in the email subject line, sender field, or body of the email is a blue embedded link. Mousing over it may reveal the true identity of the sender. Don’t respond to such emails or click any links.
5 Ways to Mitigate Email Spoofing
In addition to using a secure email service that has high-level encryption, built-in spam filters and a range of email security tools, there are several ways you can protect your email account and contacts using tools, security protocols, and a little bit of legwork.
- Establish a formal policy for email security; work with a security consultant to create it, if need be.
- Create a security awareness training course and make sure that all current employees and new hires know your email policies.
- Create a Sender Policy Framework (SPF) that includes domain discovery, email services discovery, and validation.
- Adopt a Domain-based Message Authentication, Reporting & Conformance (DMARC) mechanism. This can prevent spoofing of transit-/SMTP-level 5321.MailFrom (sender data) and content- MIME-level 5322.From (headers). You can validate your protocol or setup by sending some test emails to see how it performs. The testing code should look similar to this: “Authentication-Results: spf=pass (sender IP is 22.214.171.124) smtp.mailfrom=example.astrix.co.uk; astrix.co.uk; dkim=pass (signature was verified) header.d=example.astrix.co.uk;astrix.co.uk; dmarc=pass action=none header.from=example.astrix.co.uk;compauth=pass reason=100”
- Create and analyze forensics reporting based on your DMARC protocol and consistent monitoring. This tool makes it easy to accurately inspect DomainKeys Identified Mail (DKIM) records and validate them.
Protection also begins with how you handle your own email security. Modeling compliance and implementing best practices will allow you to lead your team by example. Create strong email passwords and safeguard them. The current industry standard is a combination of 12 characters/letters/numbers rather than the previous eight. Make sure not to use us words, phrases, or names that would be easy for a social engineer to guess or reverse engineer, like your pet’s name or your favorite song.
Email is still one of the most effective ways to market your business and engage with your customer base. Using email security best practices will help keep you messages flowing to those who need them. In addition to preventive measures you can take, most reputable email services provide the means for reporting suspected spam or phishing attempts. It’s worth the effort to secure your email address and retain your good domain name.
If you want to secure your email now you can try out the SpamExperts solution offered by Openprovider. With SpamExperts your incoming mails will be safe and you can also add an extra layer of security by enabling sender checks via SFP, DKIM and DMARC in the configuration of your incoming filter (Incoming – Protection settings -> Filter settings).
If you register now you’ll get one SpamExperts filter for free for your domain for 1 month. If you already have an account with us – just activate free SpamExperts filter promo via FREESPAMEXPERTS promo code on the dashboard of Openprovider control panel and try out the service.