Definition: Email spoofing is the act of forging the header information on an email so that it appears to have originated from somewhere other than its true source. The protocol used for email, SMTP (Simple Mail Transfer Protocol), does not have any authentication to verify the source. By changing the header information, someone can make an email appear to come from whomever they choose. Miscreants can even copy the targeted organization’s logo and formatting, to give the email an authentic look and feel.
Email spoofing is used by virus authors. By propagating a virus with a spoofed email source, it is more difficult for users who receive the virus to track its source to stop the virus.
- Julie Smith Shares Identity Security Guidance for 2023 - January 19, 2023
- Mark Thomas Talks about Threat Hunting - January 5, 2023
- Malcom Harkins Talks about Ethical and Legal Obligations of the CISO - October 20, 2022