Email Spoofing


Spoofing an email means forging what appears as the sender (From:) address.

When you send a letter through the post, you generally write a return address on the envelope so the recipient can identify the sender, and so the post office can return the mail to the sender in the event of a problem. But nothing prevents you from writing a different return address than your own; anyone could send a letter and put any return address on the envelope. Email works the same way. When a server sends an email message, it specifies the sender, but this sender field can be forged (i.e., spoofed).


Why do attackers spoof emails?

  • Pretending to be someone the receiver knows. This can be used to ask for sensitive information or to initiate a monetary scam.
  • Pretending to be from an organization the receiver has a relationship with. Phishing attempts to get hold of login details for banks etc. are a common example.
  • Hiding their true identity to evade spam filters.
  • Easy to rotate. If you are spamming, your address is bound to be blocked. If you’re able to easily switch sender addresses, who cares?


I think someone is spoofing a UFV email address, what can I do?

If you are concerned about an email you received, please forward it to


Print Article


Article ID: 1881
Thu 9/2/21 1:10 PM
Fri 3/15/24 11:15 AM