Email Spoofing Explained
If you suddenly find that you are receiving a lot of 'bounced' or undeliverable emails to a particular email address with us, or replies to a particular email that you have never seen before, then chances are someone has spoofed your email address.
What is email spoofing?
This is where someone puts your email address as the 'reply to' address on emails they send out.
Who would want to do this?
The majority of the time it is someone sending out spam or phishing emails.
Why would someone want to do this?
Usually because they want to "hide their tracks". Quite often spam email does not need a reply (as the spammer just wants you to read the email and select a link).
Many users also do not realise how easy it is to spoof an email address, so they think that by replying to an email they will be contacting the person who sent it, and that the "reply-to" address in the email must be genuine.
So how can an email address be spoofed? Have I been hacked?
No, it is very simple.
Even a common email program like Microsoft Outlook or Mozilla Thunderbird has a field for "reply-to" or "email" address and you can put anything you like in there. It works the same way with spoofers.
A common analogy is that there is not much difference between someone spoofing your email address and someone doing a door-to-door leaflet campaign with your telephone number on the leaflets.
Is there no way to combat this?
No, as it is basically the way email works.
How do I find out who really sent me an email if I can't trust the "from" field?
Check the message headers. These will show the IP address of the actual server the mail was sent from. You can then perform lookups to get more details of where this server is based.
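The header check described above, as an added example that is not part of the original article. The sample message, host names, addresses and function names are constructed for illustration, and it assumes you know the IP range of your own mail servers (here 192.0.2.0/24).

```python
import email
import ipaddress
import re
from email.utils import parseaddr

# Constructed sample (not real traffic). Newest Received header is at the top.
SAMPLE = """\
Received: from mx.yourhost.example (mx.yourhost.example [192.0.2.10])
    by mailstore.yourhost.example with ESMTP; Tue, 20 Jan 2015 10:00:05 +0000
Received: from mail.sender.example (unknown [203.0.113.45])
    by mx.yourhost.example with ESMTP; Tue, 20 Jan 2015 10:00:03 +0000
Received: from forged.example ([198.51.100.7])
    by mail.sender.example; Tue, 20 Jan 2015 09:59:58 +0000
From: "Special Offers" <offers@sender.example>
Reply-To: you@yourdomain.example
Subject: Limited time offer

Select the link below.
"""

BRACKETED_IP = re.compile(r"\[(?:IPv6:)?([0-9A-Fa-f:.]+)\]")

def sending_server_ip(raw, own_networks):
    """Return the IP that handed the mail to your own servers, or None."""
    own = [ipaddress.ip_network(n) for n in own_networks]
    msg = email.message_from_string(raw)
    for hop in msg.get_all("Received", []):       # top (newest) to bottom
        match = BRACKETED_IP.search(hop)
        if not match:
            continue
        try:
            ip = ipaddress.ip_address(match.group(1))
        except ValueError:
            continue                               # malformed address, skip
        if any(ip in net for net in own):
            continue                               # internal hop
        # First outside address recorded by a server you trust; anything
        # further down was written by the sender's side and may be forged.
        return str(ip)
    return None

def reply_to_differs(raw):
    """True when Reply-To is set and is not the From address."""
    msg = email.message_from_string(raw)
    sender = parseaddr(msg.get("From", ""))[1].lower()
    reply = parseaddr(msg.get("Reply-To", ""))[1].lower()
    return bool(reply) and reply != sender

if __name__ == "__main__":
    print(sending_server_ip(SAMPLE, ["192.0.2.0/24"]), reply_to_differs(SAMPLE))
```

The address returned is the one to use for the lookups mentioned above.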
What can I do about all the replies/bounce-backs?
It is really just a case of deleting them. You might like to set up a mail rule in your email client so it does it automatically.
Last Updated: 20/01/2015
Article ID: 1112