Spoofing emails is among the most prevalent forms of hacker activity involving email communications. Exposed email addresses can easily be acquired by cybercriminals, from compromised mailing lists, public message boards and even company websites.

Email spoofing takes place when a message’s identifying fields are modified so the email appears to originate from an individual other than the real sender. It is a popular tool employed by spammers to circumnavigate filters that block their mass mailing campaigns, increasing their chance of reaching targets. Spam messages can often contain malicious links that have harmful effects, including stealing staff credentials via phishing sites and downloading malware onto devices.

For the most part if a spammer sends out mail using your spoofed address and it is rejected by the recipient’s server, the emails will generally bounce back to your authentic address, filling your inbox with “unable to deliver messages.” However, if the messages get through, you may find you are swamped with emails from annoyed recipients complaining that your account has been compromised and they are receiving spam from you in their inboxes.

Actions to take if your email address is spoofed

After your address has been spoofed, you will discover there is no quick and easy way to prevent bounce-backs arriving in your inbox. For the most part, you’ll need to wait out the duration until the recipient’s servers recognise the messages are spam and then stop bouncing them back to your authentic address.

If you believe you have been spoofed as part of a targeted phishing attempt through a work email address, you should let your Chief Information Officer or dedicated IT department know immediately. You can also contact your colleagues and contacts to warn them of potential messages they may receive to avoid damaging consequences.

Preventative measures to take going forward

The most effective practice to protect your email address from being employed in spoof attacks is to keep it as private as possible. This means avoiding posting it on websites and forums or including it on third-party mailing lists where it may be exposed and picked up. Establishing a Sender Policy Framework (SPF) record is also a wise move to stop malicious actors spoofing your email address, often acting as a deterrent against spammers and hackers. The SPF check will stop any messages not authorised to be issued from your domain reaching from others, avoiding those bounce-backs and angry emails about spam from your address.

Email securely

To assist organisations, institutions, and individuals with safe communication over email, we have devised a secure platform here at Galaxkey. Fully compatible on an extensive range of devices and with a wide selection of operating systems, the platform provides a secure environment for users to email. Featuring powerful encryption that keeps email contents and their attachments safe, and impressive tools that are simple to employ, while also delivering digital signing and state-of-the-art verification processes, our system is ideal for avoiding spam, scams and phishing attempts.

Get in touch with our specialist team today to arrange a free 14-day trial.