Spoofing Email
Dear Members of the Association,
Over the past while notifications have been received from our members that they are receiving odd emails from known senders. Requests for a favour, usually a loan of money are the most common. The most disconcerting part of this phenomenon is that, as mentioned, these requests come from known persons.
In the IT world this is known as “spoofing”. Spoofing is defined as, “the act of disguising a communication from an unknown source as being from a known, trusted source”.
The intention of spoofing can be to gain access to your personal information and spread what is called “malware” which can be used to get past the security on your computer and in some instances send out more spoofing messages based on the information in your computer.
A Definition of Email Spoofing:
“Email spoofing occurs when an attacker uses an email message to trick a recipient into thinking it came from a known and/or trusted source. These emails may include links to malicious websites or attachments infected with malware, or they may use social engineering to convince the recipient to freely disclose sensitive information. Sender information is easy to spoof and can be done in one of two ways:
- Mimicking a trusted email address or domain by using alternate letters or numbers to appear only slightly different than the original
- Disguising the ‘From’ field to be the exact email address of a known and/or trusted source How to protect against spoofing attacks
“The primary way to protect against spoofing is to be vigilant for the signs of a spoof, whether by email, web, or phone. Do, when examining a communication to determine legitimacy, keep an eye out for:
- Poor spelling
- Incorrect/inconsistent grammar
- Unusual sentence structure or turns of phrase
These errors are often indicators that the communications are not from who they claim to be.
Other things to watch out for include:
- The email sender address: sometimes addresses will be spoofed by changing one or two letters in either the local-part (before the @ symbol) or domain name.
- The URL of a webpage: similar to email addresses, the spelling can be slightly changed to trick a visitor not looking closely.
Don’t click on unfamiliar links or download unfamiliar/unexpected attachments. If you receive this in your email, send a reply to ask for confirmation. If an email address is spoofed exactly, the reply will go to the actual person with the email address—not the person spoofing it.
Don’t take phone calls at face value; be wary of the information the caller is requesting. Google the phone number presented on the caller ID to see if it’s associated with scams. Even if the number looks legitimate, hang up and call the number yourself, as caller ID numbers can be spoofed.
Spoofing can sometimes be easy to spot, but not always—more and more, malicious actors are carrying out sophisticated spoofing attacks that require vigilance on the part of the user. Being aware of different spoofing methods and their signs can help you avoid being a victim.”
The Association has changed some of the security settings on our IT management system to detect any possible spoofing instances.
If you receive a suspicious email please be guided by the foregoing instructions. If it is from someone you know please contact them by an alternate means to check the veracity of the email.
For Windows 10 users, Microsoft does have a very robust built-in security system that is quite effective in stopping these kinds of attacks. You can check to ensure that Windows Defender is turned on by typing “defender” into the search box in the bottom row of your screen. You will then be presented with a listing of the status of the application. For iOS (apple) users rumour in February 2020 had it that Apple would be adopting the Defender software as well. We are not aware if it is operational as of now, however the same rules apply to Apple when view incoming emails.
For peace of mind a good software to have on board is Malwarebytes. It is free in a slightly restricted version or there is a premium version. The free version works quite well but you have to initiate your own scans and ensure that the software is up to date. It is available for both Windows and Mac.
Malwarebytes can be downloaded from here.
James Forrest
Director of Communications
RCMP Veterans’ Association |