What Is E-Mail Spoofing?

Article Details
  • Written By: Melanie Smeltzer
  • Edited By: Daniel Lindley
  • Last Modified Date: 18 February 2018
  • Copyright Protected:
    Conjecture Corporation
  • Print this Article
Free Widgets for your Site/Blog
About 90% of lupus patients are women; the exact cause is unknown, but certain genes may increase susceptibility.   more...

March 19 ,  2003 :  Operation Iraqi Freedom began.  more...

E-mail spoofing is the act of altering certain e-mail header fields to make them appear as if they originated from a different sender. Although this act is sometimes done for legitimate reasons, it is more frequently done for fraudulent purposes. Considered a form of spam, e-mail spoofs are typically sent out in order to obtain sensitive or personal information from the person receiving the e-mails.

Simple Mail Transfer Protocol (SMTP) is a common protocol for sending electronic mail across different Internet protocol networks. Although SMTP is standard, it is not very secure, as it does not provide e-mail authentication. Thus, e-mail spoofing is thought to be a simple process. It is most often done by changing the name or e-mail address that appears in the header section of the e-mail to make it look as though it came from an authoritative source. More complex forms generally consist of the spammer manipulating certain information and sending e-mails through open relay SMTP servers.


A spammer may use e-mail spoofing for several reasons. In many cases, fraudulent e-mails are sent to obtain personal information, such as passwords or credit card numbers. They may also contain malicious material, such as viruses. Phishing e-mails, or those sent to obtain personal information, may claim that the user must change his or her password on a certain Web site or may state that the user's bank urgently requires an update on personal information, such as credit card or checking account routing numbers. Malicious e-mail spoofs can contain viruses that are either destructive to the user's computer or help the spammer acquire information about the user's e-mail habits, sensitive documents, or e-mail contacts.

Although it can be difficult to detect e-mail spoofing in some cases, certain clues often can indicate that the e-mail received has been forged. For instance, it is important to keep on eye on writing style, as most companies and Web sites have a standard way in which they relate to their users. Hovering the cursor over any links in the text is another way to see if the e-mail is legitimate. Spoof e-mails will often contain a string of numbers and letters that do not display any information pertaining to the Web site that the e-mail is claiming to be from. Researching certain header fields, such as the Return-Path or From fields, may also be necessary.


You might also Like


Discuss this Article

Post your comments

Post Anonymously


forgot password?