ITS Service Desk

What is spoofing and how can I manage it?

It's a fact of life. Most emails that we receive are junk. Just look at your Spam folder some time and see how much of that junk Gmail is filtering out for you. But if a junk message gets through to your Inbox, what should you do? The answer to that depends on what you see.

In this series of articles, we'll address several kinds of unwanted email. It's important to understand the differences and how to handle each.

Spam | SpoofingPhishing | Spear Phishing | Gmail Warnings

Spoofing

A spoofed email is one that comes to you from an email address that does not actually belong to the sender. The sender actually forged the sender name and email address in the message, so that it looks like it came from a particular person, but it didn't. Spoofing is one of the most difficult things to prevent and it's even more difficult to explain. Suffice it to say that just because an email says that it came from "John Smith", it doesn't mean John Smith actually sent it.

The best way to recognize a spoofed email is that the message just doesn't seem right. Here's an example of a real spoofed message:

Subject: amazing

Hello!

It is amazing what one can invent! You're going to love it, I swear! Read more here open link

Speak to you later, john.smith

Practically everything about this email is suspicious:

  • The subject line says simply "amazing". That's not a normal subject line that this person would have used.
  • The person is telling you about an invention. Again, that's not a normal thing for this user to email you about.
  • The email is signed "john.smith". Most people will simply sign their emails with their first name, and sometimes first and last, but usually never with their first and last in all lower case with a dot in the middle.
  • Perhaps the most important thing to notice is that the action the email is proposing is that you click a link. But they ask for it by saying "read more here open link". That just doesn't sound right. And the fact that they want you to click a link at all should cause you to question it.

There are some technical resources that ITS has available to help us prevent this from happening. But it's not an exact science.

The Sender

Sometimes you may recognize the name of the sender, and the email address may even be real. But often times if you look close enough, you'll see that the email address is actually not real. For example, instead of our familiar format of "firstname.lastname@snc.edu", it might be "firstname.lastname.snc.edu@gmail.com" or something similar.

Nonetheless, if you recognize the name, you can always call that person and ask them if they sent you the email.

What To Do

DON'T just delete the email. This can make the situation worse, because a spoofed email got through without being filtered, and the senders will then continue to send more. We recommend marking the message as spam, as described in this article:

≫ Mark or unmark Spam in Gmail

Suffice it to say that marking an email as spam should be a small task that you're very familiar with and can do without thinking twice.

Additional Resources

Here is another article from Google with more information on the subject:

≫ Someone is sending emails from a spoofed address

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.
Powered by Zendesk