Email Spoofing

What is Spoofed Email?

Spoofing an email means faking the sender address to hide the true origin of the message.
 

When you send a letter through the post, you generally write a return address on the envelope so the recipient can identify the sender, and so the post office can return the mail to the sender in the event of a problem. But nothing prevents you from writing a different return address than your own; anyone could send a letter and put any return address on the envelope. Email works the same way. When a server sends an email message, it specifies the sender, but this sender field can be forged (i.e., spoofed).

 

Why do attackers spoof emails?

  • Pretending to be someone the receiver knows. This can be used to ask for sensitive information or for a monetary scam.
  • Pretending to be from an organization the receiver has a relationship with. Phishing attempts to get hold of login details for banks etc. are a common example.
  • Hiding their true identity to evade spam filters.
  • Easy to rotate. If you are spamming, your address is bound to be blocked quickly. If you’re able to switch sender addresses, who cares?

 

I think someone is spoofing a UFV address. What can I do?

There are sometimes legitimate reasons a sender address is spoofed.

For example, if your department is using a third party mailing service (e.g Mailchimp, Capaigner) to send emails using a UFV address, you are "spoofing" the UFV address (our spam filter can see the you are sending as @ufv.ca, but the email is not coming from a UFV system). When departments set up these mailing services, we whitelist their desired sender address. This is so that your legitimate third-party emails won't be detected as spoofing and blocked by the spam filter. Unfortunately, this means that when your department's address is spoofed by a scammer (and not your mailing service), the spam filter allows it through.

For this reason, receiving spoofed email doesn't necessarily mean that any account was compromised but if you're concerned, forward the email to phishreport@ufv.ca. This inbox is monitored daily and we endeavour to answer any questions you have.

 

Details

Article ID: 1881
Created
Thu 9/2/21 1:10 PM
Modified
Fri 2/25/22 1:26 PM