What is Email Spoofing and How to Prevent It

Email Spoofing

You receive a strange email coming from your own account—from you to you! An email that you have never wrote bounces back to you. Your friends ask why you keep spamming them with suspicious emails. Do these ring a bell? If yes, then your email account has been spoofed. Email spoofing is a forgery of an email account by a spammer to use it to send out emails to their contact list from you. The Q&As below will tell you more about the problem and how to tackle it.

How and why do spammers spoof my email address?

They put your email address in the From: field instead of their own. By using your email address, spammers want to make it seem like the message is actually from you so that a recipient is tricked into opening it. And, in this case, they won’t be caught. Note, however, that although spammers use your email address, their messages originates from their own email account and are sent from their email server.

How do I know if my email address has been spoofed?

You won’t know until some of these emails bounce back to you as a delivery failure. This happens when a recipient deactivated his email address, so naturally, the email bounces back to the sender, which is you, although you never initiated the message. You may also find out that your email address has been spoofed when someone you know happens to be on the spammer’s email list and they let you know about a suspicious email coming from you.

Is spoofing the same as hacking?

In order to spoof your account, spammers don’t need to access your account. They simply put your email address in the From: field to send emails. A hacked email is a different thing. It means someone or something, such as person or a virus, has gained access to your email account. How will you know? You will be locked out of your own account. And your friend will warn you about strange emails that keep streaming from your account to his.

Is spoofing a common problem?

Yes. Spoofing is especially common if you have a domain email address. Simply put, if you have a domain like sampledomain.com and email addresses that end with @sampledomain.com. Spoofed accounts are common with domain email addresses and hacked accounts occur with mail providers such as Yahoo, Gmail, or Hotmail.

Is there any technical solution to the spoofing issue?

As soon as you notice the problem, call your web hosting company and have them set up an SPF (Sender Policy Framework) record on your hosting account. Domain email addresses with SPF records are not easy to spoof.

What else can I do to protect my account from spammers?

Set up Domain Keys Identified Mail (DKIM) on your own domain. Also, adjust your spam filter to identify spoofed emails. It is also a good idea not to click on any suspicious links that arrive in your mailbox.