Email spoofing is a type of cyber attack whereby the attacker sends an email that appears to be from a legitimate source, but it’s not.
The sender may use a fake email address, display name, or other details within the email header to deceive the recipient into believing that the message is from a trusted source.
There are many reasons an attacker may use email spoofing against victims, but it often involves tricking the recipient into disclosing sensitive information or downloading malware onto their device.
For example, a threat actor may send an email that appears to be from a bank, asking the victim to update their account information.
When the recipient clicks on the link in the email, they may be directed to a fake website where they’re asked to enter their personal and financial details. In this case, the attacker can use this information to commit fraud.
Email spoofing can be difficult to detect, but you can reduce the risk of such attacks by always verifying the sender, being cautious with links and attachments, and staying vigilant through security awareness training.
For more information about email spoofing, other potential phishing attacks and guidance on how to best support your business and team from cyber crime please contact [email protected].
Plus sign up for our free core membership to stay up to date with the latest cyber security updates and gain access to a wealth of handy resources.
The NEBRC is a non-profit organisation that seeks to educate, inform, and support businesses across the UK on how to stay safe online through reliable cyber security practices.