Email spoofing is the act of forgery of an email header with the plan to appear valid from a trusted or familiar source. Email spoofing is a popular tactic used to gather information. Often paired with popular scams can be a dangerous combination. If you are not on guard or familiar with these tactics it can be easy to fall victim to them. The originator's true intention is to attempt to trick recipients into providing sensitive data such as personal information, banking or credit card information, and passwords.
Scammers frequently will use fear-tactics and urgency to try to invoke an emotional response to oblige whatever was requested. These are designed to remove your guard and put doubt in your mind. Email spoofing and phishing are almost always hand-in-hand.
Phishing is a type of structured cyberattack that contacts the target(s) via email, phone or text message. Common targets of phishing attempts are, but not limited to, small and large businesses. The originator will use social-engineering to appear legitimate using tactics like Email Spoofing to help with there malicious pursuit.
Common Characteristics of Phishing Emails
The Feeling of Too Good to be True
The alure of financial gain with little effort. Attention-grabbing statements are designed to attract people to execute the requested actions immediately.
Fast action with a looming time restriction for the recipient to act quickly before it is too late. Scammers will use this popular tactic to strike fear and void better judgment of recipients.
Ransom / Blackmail
Threatening action unless specific actions are not obliged. This type of scam is becoming more popular as scammers evolve. Claims of access to personal social media, email, and/or banking accounts will be insinuated. These types will often request for you to send money or Bitcoin to release the scammer's control over the suggested account.
Hyperlinks my not appear what they seem. Hovering over links before clicking them will show you the destination URL of the hyperlink. Review the URL before clicking, often scammers will purposefully miss-spell popular website to mislead recipients.
Strange attachments that were unexcepted or that do not make sense-- avoid. They can contain malware or spyware.