A spoofed email is one that appears to originate from one
source but is really sent from another. With rare exceptions, spoofed emails
have malicious, or at the very least, mischievous, intent behind them. Here are
some common examples:
- Personal reputation/credibility damage – one of the more serious
implications for activists is having their identity hijacked to undo or
sabotage their work. Read more here.
- Identity theft – spoofers will often attempt to get your login and
password information for your bank, eBay, AOL and other accounts.
- Virus/worm propagation – recently, the Swen worm disguised itself as a
software update from Microsoft. Users who ran the executable attachment
would have their antivirus and firewall software disabled.
Not too long ago, it was relatively easy to spot spoofs if you
knew what to look for. This has begun to change as graphic elements and language
from the “spoofee” are appropriated to make email seem more authentic.
Take a look at the Swen worm as it appeared in people's Inboxes (scroll down
a bit on the page).
Updated antivirus software, in this case, is not enough if you
don’t know that Microsoft never sends software updates as attachments. Basic
“email hygiene” also tells us not to open email attachments indiscriminately.
Protect Yourself from Email Spoofing
- Know that requests for your password and login
information will never be sent by the company whose services you are using
(credit card, bank, AOL etc.)
- Know that software updates will not be sent as
attachments in email.
- Practice safe email and computer usage (see the tips at the bottom of the
article)
- If you are concerned about somebody using your identity
to try to discredit your social justice work, consider using PGP (Pretty
Good Privacy) to sign all your email messages. This is the only way you can
prove which messages are really coming from you.
Identifying the wolf if it gets into your Inbox:
- Scan all attachments with antivirus software.
- Examine the questionable message carefully to look for
clues. Some of these might be: outlandish or out of character remarks from
friends or allies, requests to install or remove system files on your
computer, or cleverly worded attempts at obtaining your personal
information.
- If you want to take a more technical (and time-consuming)
approach, sift through the email’s headers to track down the real sender.
Like spam, spoofs can obscure the path they take between the real sender and
your mailbox. Here are some links to help you out (they are quite wordy):
  How to retrieve an email header: SpamAbuse.org, SpamCop.net
  How to read an email header: StopSpam.org
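The header check described above can be partly automated. The following is an added example, not part of the original article: it compares the visible From address with the Return-Path and Reply-To fields and walks the Received lines from oldest to newest. The sample message, host names and addresses are constructed, and the Received format matched here is one common layout that real mail servers vary on.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample (not real traffic; all hosts and addresses are made up).
RAW = """\
Return-Path: <bulk@mailer.example.net>
Received: from mx.recipient.example (mx.recipient.example [192.0.2.10])
    by inbox.recipient.example with ESMTP; Thu, 02 Oct 2003 10:02:11 -0700
Received: from update.vendor.example (dsl-host.example.net [198.51.100.23])
    by mx.recipient.example with SMTP; Thu, 02 Oct 2003 10:02:09 -0700
From: "Vendor Security" <security@vendor.example>
Reply-To: <collect@mailer.example.net>
To: user@recipient.example
Subject: Latest security update

Please run the attached file.
"""

# "from <name the sender announced> (<reverse DNS> [<IP>]) by <receiving host>"
HOP = re.compile(r"from\s+(\S+)\s+\((\S+)\s+\[([^\]]+)\]\)\s+by\s+(\S+)")

def domain(value):
    """Lower-cased domain of the address in a header value, '' if absent."""
    return parseaddr(value or "")[1].rpartition("@")[2].lower()

def analyze(raw):
    msg = message_from_string(raw)
    from_dom = domain(msg["From"])
    findings = []
    # The visible From line is free text; compare it with the other sender fields.
    for name in ("Return-Path", "Reply-To"):
        d = domain(msg[name])
        if d and d != from_dom:
            findings.append(f"{name} domain {d} != From domain {from_dom}")
    # Each relay prepends its Received line, so reversed order is oldest first.
    matches = (HOP.search(h) for h in reversed(msg.get_all("Received", [])))
    hops = [m.groups() for m in matches if m]
    # Only lines written by servers you trust (here: mx.recipient.example)
    # are reliable; anything older can be forged by the sender.
    if hops and hops[0][0].lower() != hops[0][1].lower():
        helo, rdns, ip, by = hops[0]
        findings.append(f"{by} saw {rdns} [{ip}] claiming to be {helo}")
    return from_dom, hops, findings

if __name__ == "__main__":
    from_dom, hops, findings = analyze(RAW)
    print("From domain:", from_dom)
    for f in findings:
        print("suspicious:", f)
```

A mismatch is a clue rather than proof: mailing lists and forwarding services legitimately use a different Return-Path from the From address.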
Steps to reduce/prevent being bitten once the wolf is inside
- Remain calm, especially if the email appears to have come
from someone you know. Since many viruses and worms propagate by exploiting
users’ address books, the spoof may very well have been sent that way. For
those spoofs intended to damage reputations and credibility, something more
calculated is at work than random propagation. All the more reason not to
take the message at face value.
- Don’t use any contact information or links contained in
questionable messages—they often redirect you to the wrong place.
- Contact whoever the message appears to come from directly
(friend or acquaintance, service provider/financial institution) to confirm
its authenticity. For example, if it looks like it came from your friend
Doris, contact her directly by sending her a new message (don’t hit Reply)
or call her.
- Delete the message immediately.
Proactive steps to take
- Ask your Internet service provider (ISP) or email
provider if they provide antivirus protection for email. If not, request
this service, or consider moving to a provider that offers it.
- Sometimes, ISPs and other services like eBay or AOL have
reporting mechanisms that you can forward spoofs to, e.g. abuse@qwest.net or
spoof@ebay.com. Your input helps them gain a clearer picture of what’s out
there, but it’s unlikely that spoofers will be pursued, especially if you
never fell for their ruse.