Email spoofing is the act of sending emails with a forged sender address. It tricks the recipient into thinking that someone they know or trust sent them the email. Usually, it’s a tool of a phishing attack, designed to take over your online accounts, send malware, or steal funds.
Spoofed email messages are easy to make and easy to detect. However, more malicious and targeted varieties can cause significant problems and pose a huge security threat.
Reasons for email spoofing : The reasons for email spoofing are quite straightforward. Usually, the criminal has something malicious in mind, like stealing the private data of a company. Here are the most common reasons behind this malicious activity:
* Phishing. Almost universally, email spoofing is a gateway for phishing. Pretending to be someone the recipient knows is a tactic to get the person to click on malicious links or provide sensitive information.
* Identity theft. Pretending to be someone else can help a criminal gather more data on the victim (e.g. by asking for confidential information from financial or medical institutions).
* Avoiding spam filters. Frequent switching between email addresses can help spammers avoid being blacklisted.
* Anonymity. Sometimes, a fake email address is used to simply hide the sender’s true identity.
Dangers of email spoofing : Email spoofing is incredibly dangerous and damaging because it doesn’t need to compromise any account by bypassing security measures that most email providers now implement by default. It exploits the human factor, especially the fact that no person double-checks the header of every email that they receive. Besides, it’s incredibly easy for attackers and requires almost no technical know-how to do it on a basic level. Not to mention the fact that every mail server can be reconfigured to be identical or almost identical to slip by.
Source : Cybernews