November 10, 2017
Ever gotten a strange email from a friend that just doesn’t seem right? You’ve been spoofed.
It turns out that spoofing email addresses is not hard to do at all. Basically all you need is a working SMTP server ( a server that can send emails) and the right mailing software. That’s it. This is something you simply can install on your own, which is why phishing remains a huge problem. A spoof email can look like it’s from anyone. One of your friends, mom, dad, sibling etc when it’s not.
Here’s what you can do to protect yourself from it:
1. Turn up your spam filter, and use tools like Priority Inbox:
– To set your spam filters a little stronger is a good start to prevent these emails. If you use Priority Inbox, you let the mail server figure out the important people for you.
2. Learn to read message headers, and trace IP addresses:
-To track down the source of spam. You can do this by look at the IP address of the sender and see if it matches with the previous emails of the same person.
3. Do not click unfamiliar links or download unfamiliar attachments!:
-Use some common sense. Pay attention to the emails you get, is it something you’re expecting or not? What does it contain? Keep your computer’s antimalware updated.
4. Audit your email to see how it responds to SPF and DMARC records:
-Alternatively, check your junk mail folder. If you see messages there from yourself or from people you know, ask your web host if they can change the way your SMTP server is configured. Or switch mail services.
5. If you own your own domain, file DMARC records for it:
-Read up on how to file DMARC records and update yours with your domain registrar. If you you’re not sure how, they should be able to help.