What is Email Spoofing

Email spoofing may occur in different forms, but all have a similar result: a user receives email that appears to have originated from one source when it actually was sent from another. Email spoofing is often an attempt to trick the user into making a damaging statement or releasing sensitive information.

Spoofers don’t necessarily have to have access to your account. In fact, generally it has nothing at all to do with your account, and your account is quite safe.

Spoofers only need a legit email address

For further assurance, spoofing does not mean that your computer is infected by a worm, virus, spambot, zombies, etc. and sending out messages from your address book.

It could be that "someone's" machine containing your email address in the address book is infected or hijacked and sending out messages with your email address randomly taken from the infected machine's address book.

Or your email address is on a website somewhere and the spoofer happened to use it. Either way it doesn't mean you have done anything.

 

                                               email spoofing

How it's done

Spoofers or spammers setup an email client or program, such as Outlook, Thunderbird, or something they have created. They start with the display name. All this is used for is the name that's displayed on the "From:" line in emails sent. Normally this would be your own name, but in reality it can be whatever you like. Therefore if a false email address is used, this will be what shows to the email recipient. As a result, if the email address in the "To:" line isn't active the false email used will receive the bounce back message, it is a legitimate email address afterall.

It's not until later that the spoofer separately specifies the actual account name and password they need to login to their mail server to send and receive email.

So here's the key, to send email appearing to be from someone else, all they need to do is create an email account in an email program using their own email account information, but specifying someone else's email address. Then typically they will use a spamming program to send mass emails to either spread viruses, send links to other sites or whatever.


Reaction


What Can You Do

Even using these steps may not solve the problem. Since a Spoofer doesn't necessarily need access to spoof an email account it is a difficult problem to solve.

 

Web  URL :-- 

==========

http://en.wikipedia.org/wiki/E-mail_spoofing