Recognizing Email Impersonation Tactics

Email impersonation, a favored strategy by malicious actors, aims to deceive email users by masquerading as a reputable individual or entity. These perpetrators employ advanced methods to orchestrate email-based attacks effectively.

Understanding Display Name Deception

A prevalent form of this deceit involves altering the display name in an email, while the actual sender's address remains untouched. This tactic is primarily adopted to mimic a message from a familiar contact with minimal effort. Known variously as Business Email Compromise (BEC), Whale Phishing, or VIP/CEO Fraud, this strategy is alarmingly common.

Illustrative Case:

In instances like this, tools such as Thexyz Spam Quarantine reveal that both the Sender and From addresses match, but the name shown in the From field has been altered. This subtle change is a hallmark of display name spoofing.

The From Address Spoofing Technique

Another widespread technique is forging the "From" address, making the email appear to originate from a trustworthy source when viewed in an email client. This can be especially misleading when users quickly scan their emails.

Example for Clarification:

The simplest method to identify such spoofing is by consulting Spam Quarantine' log search, where discrepancies between the Sender and From fields are evident. Alternatively, examining the email headers for differences in these fields can also uncover such deceit. This kind of scrutiny can reveal the mechanisms behind From address spoofing, emphasizing the need for vigilance in email communication.

  • 345 Usuários acharam útil
Esta resposta lhe foi útil?

Artigos Relacionados

Receiving Spam

There are many reasons why you may be receiving spam in your Inbox.  It's possible that these...

Best practices for sending emails to many recipients

Sending an email to many recipients is a common practice of spammers. As a result, most mail...

I received an error saying my mailbox has been detected sending spam

If you received an error stating that you have been detected sending spam, this means that...

I need to add a domain to the Blocklist

Blocklist a DomainIf you wish to block messages from a particular sender, you can block that...

Someone else is receiving a bounceback message when sending to me

Common Bounce Messages Explained SMTP Responses SMTP responses provide a brief...