What is a spoof email?

  • A spoof email is when a person sends an email pretending to be someone else, in order to trick the recipient into handing over sensitive information or money.
  • Sensitive information could be your bank card numbers, address, postcode, phone numbers, answers to security questions or even login information for online accounts.

What does a spoof email look like?

Let’s give an example of what might happen when you receive a spoof email.

  • Imagine you’re working late in the office alone.
  • You receive an email from what appears to be your manager asking you to make a payment to a new client and that it needs to be done immediately.
  • In the email, he provides the bank account details for the new client and it looks like it’s from his email address!
  • So, what do you do? Do you simply make the payment to this unknown account and think nothing of it or would you confirm with your manager to see if this email is genuine before making any payment?
  • The best idea is to confirm with your manager if this is genuine. Contact your manager through a phone number you already have (not one found in the email you recieved).
  • The golden rule is if you’re in doubt, call and check.

Another example:

  • You receive the following email it’s addressed to your email address and you are on Facebook.
  • The email claims your account has been suspended and you must reset your password.

 

 Tue 18/12/2018 14:14 Facebook <security@facebookmail.com> Your Account has been Suspended To john.doe@emaiLcom Facebook Hi John, We received a request to reset your Facebook password. Click here to change your password. Alternatively, you can enter the following password reset code. 018100 Didn't request this change? If you didnt request a new password, let us know Confirm Password This message was sent to Facebook Ireland Ltd., Attention: Community Operations, 4 Grand Canal Square, Dublin 2, Ireland To help keep your account securer please don* forward this email. Leam more.

  • This email is a copy of a genuine Facebook email that has manipulated with links changed.
  • If you were to click the ‘Confirm Password’ button, you would be redirected to another website.
  • This is a phishing website that will trick you into entering your Facebook login and steals your login details.

How do I tell if an email is a spoof?

It can be very difficult to tell so if in doubt don’t click anything in the email and contact the supposed sender separately! Here are some top tips for spotting a spoof:

  • Check the email address!
    • Whilst it might say it’s a reputable company or a person you know, the email address may tell a different story!
    • Look at the image below – the name may say “Rackspace.com” but the email address is a jumbled mess. That’s a tell-tale sign of a spoof email. This is definitely my top tip and has been very useful!

From: "Rackspace.com" Date: November 5, 2019 at 5:39:18 PM EST To: Nick Perkins - The SSL Storew <nick@thesslstore.com> Subject: [Thesslstore Support] Ticket #796846151 - Message processing failure notification

  • Another sign of a spoof email is spelling mistakes or a different typing style to how the actual person would send an email.
    • If you receive an email from them that is missing their usual mannerisms and typing style, then it’s potentially not been written by them.
    • Though be aware – people who send spoof emails study how the target company sends emails and will copy that style. This may include using genuine company logos or email signatures. These are by far the hardest type of spoof emails for people to detect without input from an IT professional. We can analyse the data embedded in the email and advise you on the best course of action.
  • It’s also very important to remember that under the Data Protection Act (2018), no company will ever ask you for personal information over email. This includes bank card information and personal information such as addresses or website account login information.
  • The final major sign of a spoof email is that they all have a high sense of urgency. Your account is about to be closed down or this payment needs to be done right now! This is for a couple of reasons:
    1. They want to panic you so you think less clearly and don’t notice any of the telltale signs of a spoof.
    2. They also only have a limited amount of time before their service gets recognised as a fake site and taken down. Time is definitely of the essence.  

Let’s talk about links and attachments!
Finally, let’s talk about the risks that links and attachments pose in spoof emails.

  • With links they may appear to be genuine, for example, you could receive a spoof email that contains a link asking you to update your login information for a certain website.
  • These are commonly referred to as ‘phishing’ links which simply means the person sending the spoof email is trying to obtain your login for a specific website by tricking you.
  • Attachments have a very high chance of downloading or installing malicious software onto your device. Commonly, this would be a form of the Cryptolocker virus which essentially holds your personal files to ransom.

Think you have a spoof email but aren’t sure? Have you accidentally clicked on a bad link? Want to learn more about how you can protect your home or business? Give us a call on 01553 692727 or send an email to [email protected] to see how we can help!

Tagged

Leave a Reply