Beware of spoofing

11/29/2016

Beware of emails imitating to be someone else, as this could cost you dearly. This time of the year we often see an increase in email fraud. Please be vigilant and put the necessary measures in place.

What is an email spoofing attempt?

It is when you receive an email from an entity posing as somebody they are not. The email will seem legitimate and this is what makes it so dangerous.

Email spoofing is the forgery of an email header (the header describes the originator, recipients and the message priority level) so that the message appears to have been sent from someone or somewhere other than the actual source. Email spoofing is used in phishing attempts and spam campaigns because people are more likely to open an email when they think it has been sent by a legitimate source. The goal of email spoofing is to get recipients to open, and possibly even respond to their attempt by e.g. replying to the email and providing more information or to click on a link that installs malware.

The easiest, and most effective way to treat a spoofed email, is to delete it. Be very careful to provide sensitive information such as credit card numbers and passwords, to click on links that could install malicious ware on your device and replying to a spoofed email.

Remember, these emails seem to be legitimate and the perpetrator could be impersonating somebody with authority from your company, such as the CEO or CFO.

Spoofed. What now?

  1. Prevention is better than cure. Make sure you have a recognized anti-spam/e-mail protection and anti-malware software installed on all your devices. Always keep these up to date.
  2. Human logic and common sense can help you out of a tight spot. Train your staff and inform them on what to look out for.  Although technology is a first defense and can assist greatly to ward yourself and your company against spoofing attacks, being vigilant could be the decisive factor.
  3. Never download unfamiliar attachments. If you are unsure, call the sender – do not reply to the email.
  4. Do not click on unexpected or suspect links.
  5. Be mindful of your email account. Always log out of your webmail, especially when you are using a public device. Never leave your email unattended and available for anybody to access.
  6. You could increase your spam filter on your email client, although this could lead to legitimate emails landing up in your spam.
  7. Check email addresses against domain names and make sure they match. If not – approach with caution.
  8. If fraud is suspected contact both your internet service provider and the sender of the mail in question.

Last word

Please be careful. Spoofing attacks are becoming increasing intelligent and more frequent. A few easy precautions could assist a great deal and save you face and money. If you suspect that you have been spoofed contact us immediately.

Posted in ,