Hosted Desktop UK - Your office anywhere

Email Spoofing – What is it and how does it affect you?

Spoofing, in IT terms, is a fraudulent or malicious practice in which communication is sent from an unknown source, disguised as a source known to the receiver. Spoofing is most prevalent in communication mechanisms that lack a high level of security.

Email spoofing is one of the best known spoofs. Since core SMTP (Simple Mail Transfer Protocol) fails to offer authentication, it is very easy to forge and impersonate emails. Falsified headers are used to mislead the recipient, or network applications, as to the origin of a message.

Spoofed emails may appear to be from a known sender (often from within your own organisation/domain) and request personal or company information, they can also be used to request fraudulent actions. The attacker (or spoofer) knows that if the recipient receives a spoofed email that appears to be from a known source, it is likely to be opened and acted upon. Attackers use business networking and social media sites to gather information and email addresses for authoritative figures within targeted organisations.

One known example of this relates to a company employee, working in accounts, who received what appeared to be an internal email from a director requesting immediate payment of a supplier invoice, a copy of which had been sent as an attachment to the email complete with bank account details for the transfer. In this particular instance the authorisation process in place managed to stop the payment, but you can see how easy it would be to be duped into paying.

A spoofed email may also contain additional threats like Trojans or other viruses.


What can you do to avoid being a victim of spoofing?

The only sure way is to not have email but that isn’t really an option in a world where an ever increasing proportion of both business and personal interactions are conducted online. It is down to everyone who sends and receives email to be vigilant, sadly we now need to scrutinise every incoming email and treat it as a possible threat, regardless of its reported source.

If you are ever in doubt about the authenticity of any email do not respond and definitely DO NOT OPEN ATTACHMENTS until you can verify that it has come from a trusted source. If you are unable to do so the safest option is just to delete it, asking someone to resend if it was genuine is always the better option to being a victim of fraud or having to clean up your system following an infection.

This entry was posted in HDUK Blog and tagged , , . Bookmark the permalink.


HDUK Webinars

No events available...

More than 15,000 users trust HDUK for their Hosted Services. Here are just some of our clients:

  • CS_AtriaAssociates
  • CS_pattinsons

HDUK Business Awards

  • Everline 50 215 x 114
    42under42 215x114
  • west-morn
  • EE_FinalistSBY
  • WMN2012

HDUK Partners & Accreditations

  • Cyber Essentials 215 x 114
  • fsb
  • ms-cert
    ESET 215 x114
  • goCardless
    AVG Gold Reseller
  • bunker_logo_trans
  • Over 94% of our clients would recommend our Hosted Services to another business
  • Over 53% of our clients say that anywhere access was their main reason for moving to a hosted solution
  • 60% of our clients chose us as their preferred hosting provider due to a recommendation
  • Over 92% of our clients say that they now spend less time dealing with IT issues
  • 41% of our clients stated that improved security was their main reason for moving to a hosted solution

Privacy Statement Terms & Conditions Copyright 2019 Hosted Desktop UK Ltd. All Rights Reserved.
Company Registered in England & Wales No. 07258568. Registered Office: Basepoint Business Centre, Yeoford Way, Marsh Barton, EXETER EX2 8LB

Devon Web Design & Development