Email spoofing is the falsification of an email header so that the message appears to have originated from someone or somewhere other than the real source.
Spammers send email using a legitimate email account's address so that the message appears to come from that user, which makes email spoofing hard to prevent: the From address and other header fields can be set by a malicious email program to claim that the message is from any chosen email address.
Admins can detect email spoofing when users report mailer-daemon error messages (bounced email) in their inboxes that don't match any messages they sent, or when contacts ask them about unusual email they have received.
Prevent email spoofing with Sender Policy Framework (SPF), an antispam approach, or DomainKeys Identified Mail (DKIM), a public key cryptography method that complements SPF by linking each message to the sending domain. SPF and DKIM check whether the originating email server is on the approved list for the email domain.
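As an added illustration of the SPF check described above (this is example code, not from the original article), the following Python evaluates a simplified SPF record against the IP address of the connecting mail server. DNS TXT lookups are replaced by a constructed in-memory table, and the domains and addresses are made-up documentation values.

```python
import ipaddress

# Constructed stand-in for DNS TXT records (offline example, made-up domains).
FAKE_DNS_TXT = {
    "example.com": "v=spf1 ip4:192.0.2.0/24 include:mail.example.net -all",
    "mail.example.net": "v=spf1 ip6:2001:db8::/32 ip4:198.51.100.7 ~all",
    "loop.example": "v=spf1 include:loop.example -all",  # pathological self-include
}

# SPF qualifiers map to the result returned when a mechanism matches.
RESULT_OF_QUALIFIER = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}
MAX_LOOKUPS = 10  # RFC 7208 caps DNS-triggering mechanisms per evaluation


def lookup_txt(domain):
    """Stand-in for a DNS TXT query; returns the SPF record or None."""
    return FAKE_DNS_TXT.get(domain)


def check_spf(domain, sender_ip, _lookups=None):
    """Evaluate a simplified SPF record (ip4, ip6, include, all) for sender_ip."""
    if _lookups is None:
        _lookups = [0]  # shared counter across recursive include evaluations
    record = lookup_txt(domain)
    if record is None or not record.startswith("v=spf1"):
        return "none"  # domain publishes no SPF policy
    ip = ipaddress.ip_address(sender_ip)
    for term in record.split()[1:]:
        qualifier = "+"  # default qualifier when none is written
        if term[0] in RESULT_OF_QUALIFIER:
            qualifier, term = term[0], term[1:]
        name, _, arg = term.partition(":")
        name = name.lower()
        if name == "all":
            matched = True
        elif name in ("ip4", "ip6"):
            try:  # a v4 address is never contained in a v6 network, and vice versa
                matched = ip in ipaddress.ip_network(arg, strict=False)
            except ValueError:
                return "permerror"  # malformed network in the published record
        elif name == "include":
            _lookups[0] += 1
            if _lookups[0] > MAX_LOOKUPS:
                return "permerror"  # too many lookups (e.g. include loops)
            sub = check_spf(arg, sender_ip, _lookups)
            if sub in ("permerror", "none"):
                return "permerror"
            matched = sub == "pass"  # include matches only on a "pass" sub-result
        else:
            return "permerror"  # a, mx, exists, ptr and modifiers are not modelled
        if matched:
            return RESULT_OF_QUALIFIER[qualifier]
    return "neutral"  # no mechanism matched and no "all" term present
```

A receiving server would run this check against the IP seen in the SMTP connection (the topmost trusted Received header), not against the From address the message claims.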
Although there isn't a way to stop email spoofing entirely, secure accounts by making users change their passwords regularly, and use spam filters and tools like GFI MailEssentials as well. Admins can also prevent email spoofing by learning to read email headers and trace IP addresses, and by training employees never to click unfamiliar attachments.
Text by Nick Lewis (CISSP), a Program Manager for Trust and Identity at Internet2.