Tech Tip: "Spoofing" and "Phishing" Emails


Barbara Eastman

3/7/2013

A recent topic of conversation at the conference center has been the "spoofing" emails that folks have been getting from other nyac email addresses and from other institutions, which vaguely appear legitimate. These are probably "phishing" attempts.

Spoofing — An email with the "sender" address appearing to be someone it's not.

Defined by Wikipedia:
Email spoofing is email activity in which the sender address and other parts of the email header are altered to appear as though the email originated from a different source. Because core SMTP doesn't provide any authentication, it is easy to impersonate and forge emails.

Although there may be legitimate reasons to spoof an address, these techniques are commonly used in spam and phishing emails to hide the origin of the email message.
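The header alteration described in the definition above often leaves inconsistencies that can be checked in a message's full headers. The following is an added example, not part of the original article: the function name `spoof_indicators` and both sample messages are constructed for illustration, and all addresses and hosts are placeholders.

```python
import re
from email import message_from_string
from email.utils import parseaddr

def _domain(header_value):
    """Lowercased domain of the address in a header value, or '' if absent."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower()

def spoof_indicators(raw_message):
    """Return reasons the visible From address may not be the true origin."""
    msg = message_from_string(raw_message)
    from_dom = _domain(msg["From"])
    findings = []
    # Return-Path holds the SMTP envelope sender, set separately from From.
    rp_dom = _domain(msg["Return-Path"])
    if rp_dom and rp_dom != from_dom:
        findings.append(f"Return-Path domain {rp_dom} != From domain {from_dom}")
    # A different Reply-To sends answers away from the apparent sender.
    rt_dom = _domain(msg["Reply-To"])
    if rt_dom and rt_dom != from_dom:
        findings.append(f"Reply-To domain {rt_dom} != From domain {from_dom}")
    # Only trust Authentication-Results stamped by your own receiving server.
    for ar in msg.get_all("Authentication-Results", []):
        for mech, result in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", ar.lower()):
            if result != "pass":
                findings.append(f"{mech}={result}")
    return findings

# Constructed sample messages (all addresses and hosts are placeholders).
SPOOFED = (
    'From: "Pat Colleague" <pat@example.org>\n'
    "Return-Path: <bounce@mailer.example.net>\n"
    "Reply-To: pat.colleague@example.com\n"
    "Authentication-Results: mx.example.org; spf=fail smtp.mailfrom=mailer.example.net;"
    " dkim=none; dmarc=fail header.from=example.org\n"
    "Subject: Please review the attached invoice\n\nSee attachment.\n"
)
GENUINE = (
    'From: "Pat Colleague" <pat@example.org>\n'
    "Return-Path: <pat@example.org>\n"
    "Authentication-Results: mx.example.org; spf=pass smtp.mailfrom=example.org;"
    " dkim=pass header.d=example.org; dmarc=pass header.from=example.org\n"
    "Subject: Lunch on Thursday?\n\nAre you free at noon?\n"
)

if __name__ == "__main__":
    for name, raw in (("spoofed", SPOOFED), ("genuine", GENUINE)):
        print(name, spoof_indicators(raw))
```

These findings are indicators rather than proof: mailing lists and bulk mail services legitimately use a Return-Path on a different domain, so a hit is a reason to verify with the apparent sender.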
 

Phishing — Spoofed emails that arrive with links to banks, credit card companies, etc. that go to a forged Web site.

Defined by Wikipedia:
Phishing is the act of attempting to acquire information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, online payment processors or IT administrators are commonly used to lure the unsuspecting public. Phishing emails may contain links to websites that are infected with malware.

Phishing is typically carried out by e-mail spoofing or instant messaging, and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one. Phishing is an example of social engineering techniques used to deceive users, and exploits the poor usability of current web security technologies. Attempts to deal with the growing number of reported phishing incidents include legislation, user training, public awareness, and technical security measures.

I realize that getting a spoofed email from what appears to be a colleague is sometimes disconcerting. There is not a lot anyone can do about blocking these emails.

If you receive an email from what appears to be a legitimate email address, but the content looks suspicious:

  • If it comes from someone you don't know, just delete it.
  • If the person is a colleague, business contact, friend or family member, call them (or walk to their desk) and ask if the message is legitimate.

NEVER click on a link or open an attachment in a suspicious email — you will open yourself up to identity theft and open up your computer to viruses, Trojan horses, etc. If you get an email from your bank, credit card company, or other companies with whom you have an online account asking you to log in and update your information, don't click on the link. Go directly to their Web site through your browser and see if there's a message about them needing updated info. That's the only safe way to manage this.

When you get a spoofed email, just delete it and think about how fortunate we are to have email in the first place — warts and all!