Email spoofing - This is a malicious practice in which an email's headers are forged so that the message appears to have originated from a trusted source, or even from the recipient's own address, when that is not actually the case.
There are two general reasons this is done: one is to create the appearance that an email account has been compromised, and the other is to spear phish (the spoofed email will appear to have come from a legal@ or finance@ address requesting wire transfers or account credentials).
We are working to implement Sender Policy Framework (SPF) to address this form of fraud. It is vital that, if you receive an email that looks suspicious or requests any kind of financial or account details, you verify its legitimacy before clicking any links it contains or providing the information it requests.
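To make concrete what SPF checks, and what it does not, here is an added example that is not part of the original notice and is not the SPF deployment mentioned above: a small Python script that parses a constructed SPF TXT record, decides whether a given sending IP address is authorized for the envelope sender's domain, and then compares that envelope domain (Return-Path) with the domain in the visible From header of a constructed message. Every domain, address, IP range and message below is a constructed placeholder, and the DNS lookup is replaced by an in-memory table so the script runs offline. The caveat it illustrates is that SPF is evaluated against the envelope sender, not the From line the recipient sees, so a message with a forged From header can still return "pass" or "none" if the spoofer controls the envelope domain; noticing that requires checking whether the two domains align, which is the alignment check DMARC layers on top of SPF.

```python
"""Toy SPF evaluation plus From/Return-Path alignment check (added example).

Handles only ip4, ip6 and all mechanisms; include, a, mx and redirect are
out of scope. The DNS table below is constructed, not real data.
"""
import ipaddress
from email import message_from_string
from email.utils import parseaddr

# Constructed stand-in for DNS TXT lookups (no network access needed).
FAKE_DNS_TXT = {
    "example.com": "v=spf1 ip4:203.0.113.0/24 ip6:2001:db8::/32 -all",
}

# Constructed message: visible From is forged, envelope sender is elsewhere.
SPOOFED_MESSAGE = (
    "Return-Path: <bounce@other.example>\n"
    "From: Finance Team <finance@example.com>\n"
    "To: staff@example.com\n"
    "Subject: URGENT: wire transfer needed today\n"
    "\n"
    "Please process the attached invoice immediately.\n"
)

# Constructed message: envelope and header domains agree, sent from an
# address inside the published ip4 range.
LEGITIMATE_MESSAGE = (
    "Return-Path: <finance@example.com>\n"
    "From: Finance Team <finance@example.com>\n"
    "To: staff@example.com\n"
    "Subject: Q3 expense report\n"
    "\n"
    "Attached is the quarterly summary.\n"
)

QUALIFIER_RESULT = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def parse_spf(record):
    """Split a 'v=spf1 ...' record into (qualifier, mechanism, value) terms."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        raise ValueError("not an SPF record")
    parsed = []
    for term in terms[1:]:
        qualifier = "+"  # unqualified mechanisms default to pass
        if term[0] in "+-~?":
            qualifier, term = term[0], term[1:]
        mechanism, _, value = term.partition(":")
        parsed.append((qualifier, mechanism.lower(), value))
    return parsed


def evaluate_spf(domain, sending_ip, dns=FAKE_DNS_TXT):
    """Return 'pass', 'fail', 'softfail', 'neutral' or 'none' for sending_ip."""
    record = dns.get(domain.lower())
    if record is None:
        return "none"  # the domain publishes no SPF record
    ip = ipaddress.ip_address(sending_ip)
    for qualifier, mechanism, value in parse_spf(record):
        if mechanism in ("ip4", "ip6"):
            network = ipaddress.ip_network(value, strict=False)
            if ip.version == network.version and ip in network:
                return QUALIFIER_RESULT[qualifier]
        elif mechanism == "all":
            return QUALIFIER_RESULT[qualifier]
    return "neutral"  # no mechanism matched; RFC 7208 default


def domain_of(address_header):
    """Extract the lower-cased domain from a From/Return-Path header value."""
    address = parseaddr(address_header)[1]
    return address.rpartition("@")[2].lower()


def check_message(raw_message, sending_ip, dns=FAKE_DNS_TXT):
    """Run SPF on the envelope domain and report whether From aligns with it."""
    msg = message_from_string(raw_message)
    header_domain = domain_of(msg.get("From", ""))
    envelope_domain = domain_of(msg.get("Return-Path", ""))
    return {
        "spf": evaluate_spf(envelope_domain, sending_ip, dns),
        "aligned": header_domain == envelope_domain,
        "from_domain": header_domain,
        "envelope_domain": envelope_domain,
    }


if __name__ == "__main__":
    # Constructed connecting IPs: one outside the published range, one inside.
    print("spoofed:   ", check_message(SPOOFED_MESSAGE, "198.51.100.7"))
    print("legitimate:", check_message(LEGITIMATE_MESSAGE, "203.0.113.10"))
```

The spoofed message comes back with SPF "none" rather than "fail", because SPF was asked about other.example, not the example.com shown in the From line; only the `aligned` flag exposes the mismatch. That is why a receiving system needs both the SPF verdict and an alignment check before trusting the visible sender.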
There has been a noticeable increase in this kind of spam in the wake of several large security breaches online (Facebook and LinkedIn, to name two of the larger ones). The spam emails will contain an old (and potentially current) password obtained through one of these breaches. If you receive one of these spoofed emails, it is always best to update your email password (not reusing that password on other accounts decreases the likelihood of one breach compromising multiple systems).
Practice extra caution:
- Whenever the subject prompts you to act quickly (using words like "important" or "please respond", or threatening to close an account).
- If you aren't expecting something from the person.
- With ALL links and attachments—never click or open them unless you're 100% sure they're legitimate.
Spoofed messages often direct people to malware sites. If you have any doubt about whether the email is legitimate, confirm the source before you click.
Business Insider published an informative article on this practice with links to resources you can use to determine if and where your information has been leaked.