Find out how to tell if your e-mail has been “spoofed”—and what to do
By Matt Smith
Not all spam e-mails are obviously spam: sometimes the sender appears to be a legitimate business or even a friend or relative. In what’s known as spoofing, spammers send messages using someone else’s e-mail address to sneak past spam filters and into your inbox. If you’re not careful, you can end up being tricked into clicking malicious links that you would otherwise ignore.
If you receive an e-mail that seems fishy, it’s always best to treat it with caution, regardless of who the sender appears to be. You may notice the telltale signs of spam: little or no detail in the e-mail’s subject line (“This may be of interest” or even “You have to see this!”), few or jumbled words in the message, and unfamiliar links with little explanation.
A closer look at the message header (the e-mail equivalent of addresses on an envelope) will reveal whether or not the sender’s name and address actually line up. (You should see a button labeled “expand header,” “show original,” or something similar near the top of the e-mail).
If the e-mail address doesn’t match the one in your address book, you should delete the message and inform the contact that he or she has been a spoofing target. If the address does match, but the message still seems suspicious, his or her account has probably been hacked.
What can you do if you’re the one whose address has been spoofed? Not much—you can’t really prevent someone from impersonating your address; fortunately, however, you don’t have too much to worry about because spoofing doesn’t give the spammer access to your account.
But you can can take steps to cut down on the chances of having your address spoofed in the future. For safety’s sake, change your e-mail password, and notify your contacts to be on the lookout for fraudulent mail coming from your address. You should also want to run virus scan and anti-malware apps on your computer to ensure that you haven’t picked up any kind of bug.
There are also steps that you can take to prevent cyber criminals from finding out your e-mail address. Never respond to any spam messages—that’s a surefire way to get your e-mail added to a list. Check your privacy settings on social media to make sure that your address isn’t visible publicly. You may even want to set up a separate e-mail address that you use only for signing up for accounts, to keep your private life at arm’s length.
Photo: iStock/Rawpixel.