In last, we mentioned that it is easy to disguise the true identity of the person who sends you an e-mail message. In this week’s letter, we want to focus more on this topic and describe what it means to you as an Internet user.

E-mail spoofing, or the technique of making an e-mail message appear as if it were coming from someone other than the actual sender, is a common tool of spammers, phishers, and other devious characters. By spoofing the sender of an e-mail message, these con artists are able to get people to open e-mail messages and e-mail attachments that they otherwise would not.

Aside from the spammer who uses spoofing to hide their true identity so they can continue with their illegal trade, spoofing is used in more malicious ways. One of the ways that phishers or virus writers use spoofing is to make an e-mail message look like it is being sent from a legitimate source. This is the spoofing that was mentioned in last week’s letter. Phishers use spoofing to make an e-mail message appear to come from a bank or an online retailer. They know that you are more likely to believe that a message you receive asking for personal financial information if the from address says support@ebay.com or accounts@citibank.com.

This type of spoofing is particularly troublesome for Internet service providers such as GoBigWest and is one of the tricks used by the MyTob virus that was the topic of last week’s post. The virus message tells recipients that their account is going to be closed, that they have a virus on their computer, or some other false claim. It then instructs recipients to open an attachment. The trick that the senders of the messages use is to make the message look like it was sent by their Internet service provider. They do this by combining a legitimate sounding name such as ‘support’ or ‘administrator’ and the tail of the recipient’s e-mail address. The from address then looks like support@aol.com, adminstrator@netzero.com, or support@gobigwest.com depending on the recipient’s e-mail address.

Another type of spoofing is used by viruses to send messages that appear to come from a friend or family member of the recipient. Once they infect a computer, many viruses will find the address book on the computer and send copies of themselves to the addresses they find. This is a particularly effective trick because the recipient of one of these messages often times knows the sender personally. If they know and trust the person, then they are much more likely to open e-mail attachments if they think the message is from that person.

There are other types of spoofing and we will probably see new and unique variations on this technique in the future, but the point of the letter remains the same. It is not possible to determine whether an e-mail is legitimate or not simply by looking at the sender of the message. Instead, you need to look carefully at the message itself for clues. If a message appears to be from a friend or family member, is there any information in the body of the letter indicating that the sender knows who you are? If the message claims to be from your bank or your Internet service provider, does it address you by name or include any other information that is specific to your account? If not, then you should treat the message with caution. For any messages where you are unsure of the true sender, contact the person or company that the message appears to be from before opening any attachments or clicking on any links.

E-mail spoofing is an important and sometimes confusing topic so if you have any additional questions about e-mail spoofing, please let us know.

This entry was posted on Thursday, June 23rd, 2005 at 8:13 am and is filed under GoBigWest User Tips. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.