Email spoofing occurs when someone has modified the email header so the message appears to have come from somewhere other than the actual source. In many cases, the email can even appear to have come from your email address! You know that you didn’t send it, so what’s going on and how can you prevent yourself from falling right into that cyber-trap? Here’s a few tips to stay ahead of the spoofing curve:
Add your domain to the blocked domain list – Any internal messages in your domain will continue to be sent/received with no issues, but anything else received from outside that appears to be from your domain will be blocked. If your business uses any third-party systems, programs, etc. to send messages from your domain from outside of the network, be sure to add the applicable email / IP address(es) to the allowed list.
Recognize the signs – From spelling errors, urgent language or requests for too much of your information, often spoofing and phishing attempts are covered with tell-tale signs of debauchery. The following article has some great tips on how to recognize many typical signs:
Get educated on email headers – Message headers give valuable insight into an email’s routing history, including the sender, recipient and subject. Regardless of the email client, viewing email headers for a specific message is relatively simple. Refer to the following AppRiver article for instructions on viewing message headers in many common clients:
Check your SPF – The Sender Policy Framework (SPF) record is a DNS record that identifies which servers can send email on behalf of your domain. AppRiver customers can refer to the following article for more information: