Email Spoofing: Working and Process

Email spoofing is the forgery of an email header so that the message appears to have originated from someone or somewhere other than the actual source. Distributors of spam often use spoofing in an attempt to get recipients to open, and possibly even respond to, their solicitations. Spoofing can be used legitimately. Classic examples of senders who might prefer to disguise the source of the email include a sender reporting mistreatment by a spouse to a welfare agency or a “whistle-blower” who fears retaliation. However, spoofing anyone other than yourself is illegal in some jurisdictions.

Email spoofing or forging, according to Michelle Mista, is “an email that is sent from one source pretending to be another. It is a common form of unsolicited mail and almost always has a malicious intent, usually to obtain sensitive information. In many cases, a malicious email will be spoofed to pretend that it is from a reliable source, usually a well-known company. Spoofed emails may also contain links that take the receiver to a webpage that may look legitimate but is not. Spoofed emails will often try to dupe the receiver into revealing sensitive information, such as usernames, passwords or other identifying details.”

To make spoof emails seem legitimate, the email body uses names, logos and graphics, and some fields even carry legitimate web addresses and email addresses. The action links in spoof emails almost always take you to a spoof web site. Spoof emails can also be sent as an attack against you or your organization, with fraudulent offers, bogus announcements or malicious contents.

Examples

Examples of spoofed email that could affect the security of your site include:

(1) Email claiming to be from a system administrator requesting users to change their passwords to a specified string and threatening to suspend their account if they do not do this.

(2) Email claiming to be from a person in authority requesting users to send them a copy of a password file or other sensitive information.

Intensity of security risk

Although most spoofed emails fall into the “nuisance” category and require little action other than deletion, the more malicious varieties can cause serious problems and security risks. For example, spoofed email may purport to be from someone in a position of authority, asking for sensitive data, such as passwords, credit card numbers, or other personal information, any of which can be used for a variety of criminal purposes. The Bank of America, eBay, and Wells Fargo are among the companies recently spoofed in mass spam mailings. One type of email spoofing, self-sending spam, involves messages that appear to be both to and from the recipient.

Working of Email Spoofing

Email spoofing is a trick used by email spammers. It works as follows:

In order to send email you need to include a return address, or else the receiving server will most likely reject the email as invalid or spam. Spammers need a return address for their spam messages but they do not want to use their own address for fear of being caught. Also, since so many spam messages get bounced, the spammer does not want to receive thousands of bounce messages.

Unfortunately, one of the fundamental flaws of the email system is that you can put any return email address you like on your email; it doesn’t have to be your own. This means that spammers can use someone else’s email address as the return address on their spam. This makes their spam seem more legitimate while passing all the problems on to some poor innocent victim.

Process involved in spoofing

Spammers spoof mail headers in email messages to fool spam filters into letting the message through. The tactic can also increase the spam message’s seeming legitimacy. You’re more likely to open email that purports to come from a person or a company you know than email that comes from a total stranger.

The process of spoofing an email, as explained by H. Buss in wiseGEEK, is almost as easy as writing the wrong return address on a piece of mail. The standard used for sending Internet email, called Simple Mail Transfer Protocol (SMTP), allows a user to write in any correctly formatted email address they want. An email’s originating address does not have to match the sending address to go through in an SMTP system. Spoofed emails are usually sent by robot programs designed to send mass spoofed emails.

Why Email Spoofing Is Possible

Email spoofing is possible because Simple Mail Transfer Protocol (SMTP), the main protocol used in sending email, does not include an authentication mechanism. Although an SMTP service extension (specified in IETF RFC 2554) allows an SMTP client to negotiate a security level with a mail server, this precaution is not often taken. If the precaution is not taken, anyone with the requisite knowledge can connect to the server and use it to send messages. To send spoofed email, senders insert commands in headers that will alter message information. It is possible to send a message that appears to be from anyone, anywhere, saying whatever the sender wants it to say. Thus, someone may send spoofed email that appears to be from you with a message that you did not write.
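Because the originating address need not match the sending address, a received message can be checked for exactly that mismatch. The following is an added example, not code from the original article: it compares the From header with the Return-Path header (which the delivering server writes from the SMTP envelope sender) and also flags the self-sending pattern described earlier. The function name, the finding labels and the sample messages are constructed for illustration.

```python
from email import message_from_string
from email.utils import getaddresses, parseaddr


def domain(addr):
    """Lower-cased domain part of an address, or '' if there is none."""
    return addr.rpartition("@")[2].lower() if "@" in addr else ""


def spoofing_indicators(raw_message):
    """Return header inconsistencies found in one raw message (hypothetical labels)."""
    msg = message_from_string(raw_message)
    findings = []
    # From is chosen freely by the sender; Return-Path records the envelope sender.
    from_addr = parseaddr(msg.get("From", ""))[1].lower()
    env_addr = parseaddr(msg.get("Return-Path", ""))[1].lower()
    reply_addr = parseaddr(msg.get("Reply-To", ""))[1].lower()
    to_addrs = {a.lower() for _, a in getaddresses(msg.get_all("To", []))}

    if not from_addr:
        return ["missing-from"]
    if env_addr and domain(env_addr) != domain(from_addr):
        findings.append("envelope-domain-mismatch")
    if reply_addr and domain(reply_addr) != domain(from_addr):
        findings.append("reply-to-domain-mismatch")
    # Self-sending spam: appears to be both to and from the recipient.
    if from_addr in to_addrs and env_addr and env_addr != from_addr:
        findings.append("self-sent-from-other-envelope")
    return findings


# Constructed sample messages (reserved example domains, not real traffic).
SPOOFED = (
    "Return-Path: <bounce@bulk.example.net>\n"
    'From: "System Administrator" <admin@example.com>\n'
    "To: user@example.com\n"
    "Subject: Change your password\n\n"
    "Your account will be suspended unless you act.\n"
)
SELF_SENT = (
    "Return-Path: <x91@mailer.example.org>\n"
    "From: user@example.com\n"
    "To: user@example.com\n"
    "Subject: hello\n\n"
    "Body text.\n"
)

if __name__ == "__main__":
    for name, raw in (("spoofed", SPOOFED), ("self-sent", SELF_SENT)):
        print(name, spoofing_indicators(raw))
```

Mailing lists and bulk-mail providers also produce domain mismatches legitimately, so these findings are indicators for triage rather than proof of forgery.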

