Today I’m going to be talking about Spoof Emails; What they are, why people send them, how to detect them and the impact they can have on a business.
I will give you a brief explanation about Spoof emails but if you would like more detailed information you can find a Wikipedia article about it Here.
What is a spoof email?
To simplify a Spoof Email is when a person sends an email pretending to be someone else. If you think of it like sending a letter to someone pretending to be their bank and signing it as the bank’s manager, only with a spoof email this is done electronically.
The purpose of a Spoof Email is to trick the recipient into handing over sensitive information or money to the sender. Sensitive information may include: bank card numbers, personal information (Address, post code, phone numbers, answers to security questions) or even login information for online accounts.
Let’s give an example of what might happen when you receive a spoof email.
In this scenario I will be using the name of “Mr X” for the person sending the Spoof Email.
Imagine you’re working late in the office and everyone else has gone home for the day. You receive an email from what appears to be your Boss asking you to make a payment to a new client and that it needs to be done immediately. In the email he also provides the bank account details for the “new client”. It’s also worth noting that the email appears to have been sent from your Bosses email address and has been typed in a similar way.
So, what do you do? Do you simply make the payment to this unknown account and think nothing of it or would you confirm with your Boss to see if this email is genuine before making any payment?
The correct answer is to confirm with your Boss if this is genuine.
You should contact your boss via phone and not email, this is because When an email address is spoofed the email will come from [email protected] but if it’s been spoofed correctly, when you reply to the email it will display that it’s sending to [email protected] however it will actually reply to [email protected] so he will just reply to you again saying yes this is genuine.
The golden rule is if you’re in doubt, call and check.
You receive the following email it’s addressed to your email address and you are on Facebook. The email claims your account has been suspended and you must reset your password.
The trick used here is that the email is a copy of a genuine Facebook email however it’s been adjusted, the “Change Password” button has been changed to a “Confirm Password” and redirects you to another website that is not Facebook. This is a phishing website that will trick you into trying to “sign into Facebook” which instead of signing you in to Facebook steals your login details.
How to tell if an email is a spoof
So how do you tell the difference between a spoof email and a genuine email? Unfortunately, it’s very hard to tell them apart at times. This is because some spoof emails have been meticulously put together to try and be very convincing, others can appear as complete nonsense (Badly put together, bad spelling and grammar or just badly translated from another language).
A common trick that is being used by people sending spoof emails is to sign them as “Sent from iPhone”. This simple sentence makes the email that much more convincing because a lot of people associate this with being written on a mobile phone whilst someone is on the go, so the email will be much shorter, less personal and potentially have mistakes, but if it’s been sent whilst on the go you understand that this might happen and don’t think anything of it.
Other types of spoof email could contain spelling mistakes or may be typed differently to how the genuine person would send an email. Everyone has mannerisms and phrases that they use more than other people do, if you email them enough you get an idea of their “style” of writing and how they compose an email (I personally use phrases such as “Good Morning, I hope you’re well” when starting an email whereas other people may just put “Hi”). If you receive an email from them that is missing these mannerisms, then it’s potentially not been written by them.
Finally, some spoof emails are very well put together and can often be extremely hard to tell them apart from the genuine ones. There are occasions where the person sending the spoof studies how the target company sends emails and will often copy that style. This may include using the genuine company logos or email signatures. These are by far the hardest type of spoof email for people to detect without input from an IT professional. We can analyse the data embedded in the email and can see where the email originally came from.
It’s very important to remember that under the new General Data Protection Regulation (GDPR) no company will ever ask you for personal information over email. This includes bank card information and personal information such as addresses or website account login information.
Do spoof emails have an impact on businesses?
The short answer is yes! When you put this into financial terms in the first half of 2018, UK businesses lost approximately £500 million due to scam emails.
Let’s talk about links and attachments!
Finally let’s talk about the risks that links and attachments pose in spoof emails. With links they may appear to be genuine, for example you could receive a spoof email which contains a link asking you to “Update your login information” for a certain website. These are commonly referred to as “Phishing” links which simply means the person sending the spoof email is trying to obtain your login for a specific website by you entering them. For more information on Phishing attacks please see this Wikipedia article.
Attachments have a very high chance of downloading or installing malicious software onto your device, which could be your phone, tablet, laptop and even an Apple device. Commonly this would be a form of the Cryptolocker virus which essentially holds your personal files to ransom. We will go into more details about Crytolocker and other types of common viruses in a future video. However, for now here is a link to a Wikipedia article which will contain a more in-depth explanation of the Cryptolocker virus.
Thank you for taking your time to read this post. If you have any further questions or would like to know more please feel free to call our office or send an email to us on [email protected]
Take Care and stay safe, Brodie.