Identify a Spoofed Email and Its Use for Phishing Attacks
What is a spoofed email?
A spoofed email is an email that appears to come from a legitimate sender, but is actually sent by a malicious actor. The goal of a spoofed email is to trick you into believing that the email is authentic and trustworthy, and to persuade you to take some action that benefits the attacker, such as clicking on a link, opening an attachment, or providing personal information.
What is a phishing attack?
A phishing attack is a type of cyberattack that uses spoofed emails or other deceptive means to lure you into revealing sensitive information, such as your passwords, bank account details, or credit card numbers. Phishing attacks can also infect your device with malware, ransomware, or spyware, which can compromise your data and security.
Why are spoofed emails and phishing attacks dangerous?
- Identity theft: The attacker can use your personal information to impersonate you and access your accounts, services, or benefits.
- Financial loss: The attacker can use your financial information to make unauthorized transactions, purchases, or transfers from your accounts.
- Data breach: The attacker can use your credentials to access your organization’s network, systems, or data, and steal, damage, or leak confidential information.
- Reputation damage: The attacker can use your identity or your organization’s name to send malicious emails or messages to your contacts, clients, or partners, and damage your reputation or credibility.
- Legal liability: The attacker can use your information or your organization’s data to commit fraud, crimes, or other illegal activities, and expose you or your organization to legal risks or penalties.
How to identify a spoofed email?
- The sender’s name or email address does not match the expected sender or the organization they claim to represent. For example, the email may come from “Lori Upton” lu23950@gmail.com instead of “Lori Upton” lori.upton@setrac.org.
- The email contains generic greetings, such as “Dear Customer” or “Hello User”, instead of addressing you by your name or username.
- The email contains spelling, grammar, or punctuation errors, or uses unprofessional or unusual language or tone.
- The email asks you to provide personal, financial, or account information, such as your password, PIN, security question, or verification code, or to confirm or update your details.
- The email urges you to act quickly or urgently, or threatens you with negative consequences, such as account suspension, legal action, or fines, if you do not comply.
- The email contains links or attachments that look suspicious or unfamiliar, or that do not match the sender or the subject of the email. For example, the link may have a different domain name or extension than the sender’s email address, or the attachment may have an unusual file type or name.
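Several of the indicators above can be checked mechanically. The Python code below is an added example, not part of the original page: it flags a sender-domain mismatch, a generic greeting, urgency or threats, requests for credentials, and links whose host does not belong to the expected organization. The sample message, keyword lists, function names and URLs are constructed for illustration, and the code assumes a single-part plain-text message.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed sample: addresses follow the page's example, the URL is made up.
SAMPLE = """\
From: "Lori Upton" <lu23950@gmail.com>
To: staff@setrac.org
Subject: Urgent: confirm your account

Dear Customer,
Your account will be suspended. Verify your password now:
http://setrac.org.login-check.example/verify
"""

GENERIC_GREETINGS = ("dear customer", "hello user")
URGENCY = ("urgent", "suspended", "suspension", "immediately", "legal action")
SENSITIVE = re.compile(r"\b(password|pin|verification code|security question)\b")

def domain_matches(host, expected):
    # Compare on a label boundary. A plain substring test would accept
    # "setrac.org.login-check.example" because it contains "setrac.org".
    host = host.lower().rstrip(".")
    return host == expected or host.endswith("." + expected)

def check_message(raw, expected_domain):
    """Return a list of indicator names found in a raw RFC 5322 message."""
    msg = message_from_string(raw)
    findings = []
    # The display name is free text; only the address part is compared.
    _, addr = parseaddr(msg.get("From", ""))
    if not domain_matches(addr.rpartition("@")[2], expected_domain):
        findings.append("sender-domain-mismatch")
    body = msg.get_payload()  # assumption: single-part text body
    text = (msg.get("Subject", "") + "\n" + body).lower()
    if any(g in text for g in GENERIC_GREETINGS):
        findings.append("generic-greeting")
    if any(w in text for w in URGENCY):
        findings.append("urgency-or-threat")
    if SENSITIVE.search(text):
        findings.append("asks-for-credentials")
    for url in re.findall(r"https?://[^\s\"'<>]+", body):
        host = urlparse(url).hostname or ""
        if not domain_matches(host, expected_domain):
            findings.append("link-domain-mismatch:" + host)
    return findings

if __name__ == "__main__":
    print(check_message(SAMPLE, "setrac.org"))
```

A clean result from these checks does not prove a message is genuine; the From header itself can be forged, so the other indicators in the list still apply.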
How to prevent spoofed emails and phishing attacks?
- Do not open or respond to emails that look suspicious or unsolicited, or that come from unknown or untrusted senders.
- Do not click on links or open attachments that look suspicious or unfamiliar, or that do not match the sender or the subject of the email. Instead, hover your mouse over the link or attachment to see the actual URL or file name, and verify that it is legitimate and safe.
- Do not provide personal, financial, or account information, or any other sensitive data, in response to an email request, even if it appears to come from a legitimate sender or organization. Instead, contact the sender or organization directly using a different channel, such as phone or official website, and confirm the authenticity and validity of the request.
- Use strong and unique passwords for your accounts, and change them regularly. Do not use the same password for multiple accounts, or share your passwords with anyone.
- Enable multi-factor authentication (MFA) for your accounts, if available. MFA adds an extra layer of security by requiring you to enter a code or use a device, such as your phone or a token, to verify your identity when you log in to your account.
- Report any suspicious or malicious emails to IT. This can help prevent the spread of spoofed emails or phishing attacks to other users or devices.