Spoofing is the term use for impersonating an email sender’s identity, in other words “Electronic- Identity Theft” (EIT) and such procedure is considered a forgery and a fraud. In many occasions if you are able to read the email headers, you can identify the email address of the sender. Sometimes you can’t when the spoofer connects directly to an email server. The headers of these emails show that the email was sent from an account owner’s email server, not the email server of the spoofer. Normally when you receive a postal letter, you see the return address in the top left corner of the envelope, this indicates where and who it is from. But, the sender can write any name and address too. No one can guarantee that the contents of the envelope are from the sender identified in the top left corner of the envelope. Emails are not different it all.
SMTP (Simple Mail Transfer Protocol) is used to send outgoing email. SMTP does not require authentication of the sender. As email account holders, we do not have control or access to the email server sending our emails. The way to prevent spoofers from forging your email address is to use encryption software. Encryption verifies that the email hasn’t been altered or tampered with in transit. It also verifies that the email was sent from whom can be identified as the sender in the email.
Mostly, home users don’t use email encryption on a general basis as much as they should. Perhaps companies that offer email services to the general public should consider offering encryption services as part of their online safety optional packages and security-services. Whatever the reason for spoofing, the goal of spoofed mail is to hide the real identity of the sender.
There are about four categories & reasons to spoof an email:
* Computer infectors either want to cause confusion or simply don’t care which sender address is used. They want the recipient to believe the forgery so the email will be read or the email attachment will be clicked on- and open so they can complete the mischief they were sent to do.
* Fraudsters want to mask the real purpose of the email and hide their identity. These spoofers want the recipient to believe the email is from a respected or known company or individual so the recipient will: purchase the illegal product or service, purchase the legitimate product or service, take the money then not deliver, or, believe the harassing, defamatory or illegal content was sent from an unsuspecting known rival or competitor.
* Phishers want to impersonate familiar companies and individuals so they can steal personal and financial information from unsuspecting e-mail recipients.
* Spammers want to avoid being caught for violating anti-spam laws and they also don’t want notices sent to their real email addresses saying that an email was not able to be delivered, just like when you receive a “Private Call-Phone #” and you try to call back you cannot because the caller’s information does not show or appear so you can contact them.