Think about this scenario: A friend tells you that they received a message from your email address that wasn’t really sent from you. They think you’ve been hacked and your account is sending malicious emails to friends. How do you know if your email address account has been compromised, or if this malicious attempt is just spoofing your email address?
Email “spoofing” means that an attacker is impersonating you by pretending to send an email from your account. The recipient of the email will see your email… but if you dig deeper into the email message’s contents, you can often see whether the email was truly sent from your account or only made to appear so.
This type of impersonation is possible because email messages can show a difference between “display” information and the actual information embedded in what’s called the “email header”. Spoofing is an attempt to forge the email header, taking advantage of email protocols’ lack of authentication.
How do you view an email header or the “original message”?
- In Gmail, while viewing the email, click the More icon (three vertical dots) at the top right and select “Show original” from the list.
- In Outlook, open the email, then go to File > Properties and look in the Internet headers
If the authenticated sender, or “from” address, in the email’s properties matches your email address, then your account was compromised. But if the sender’s email address in the properties isn’t your address, then it may have simply “spoofed” your email while actually sending from a different account.
It always pays to check email message discrepancies. Keep an eye out for display names and “from” addresses that don’t seem to match each other, or don’t match the original message properties.
Bryan Antepara: IT Specialist
Bryan Antepara is a leader in Cloud engagements with a demonstrated history of digital transformation of business processes with the user of Microsoft Technologies powered by the team of eMazzanti Technologies engineers.
Bryan has a strong experience working with Office 365 cloud solutions, Business Process, Internet Information Services (IIS), Microsoft Office Suite, Exchange Online, SharePoint Online, and Customer Service.
He has the ability to handle the complexity of moving data in and out of containers and cloud sessions, makes him the perfect candidate to help organizations large and small migrate to new and more efficient platforms. Bryan is a graduate of the University of South Florida and is Microsoft Certification holder.