Email Spoofing – What Is It, And What Should Know

Good morning, everyone. Kevin Baylor here, Alliance IT. Hope your day is going well and I want to talk a little bit about one of our favorite topics of spoofing. So, as you can see, I’ve written “Spoofing” up here as our topic. And well, actually hopefully guess what? It really wasn’t me. You were being spoofed. Thanks Mike. I appreciate it.

Spoofing – somebody who’s being somebody they’re not or something appears to be what it’s not. And everybody goes into a panic. “Oh no, I’ve been hacked! I’ve got something on my system. I’m spoofed! Oh, the system is going to crash.” Stop! Relax. Unfortunately, spoofing is pretty much part of our daily lives anymore. Somebody is sending something out to be somebody else to somebody else to get something, whether it’s money, information or they’re just bored and they’re having a good old time wasting our time.

So, if you get an email that’s spoofed that means somebody sent an email to you that looks like it came from somebody else but it really didn’t. That’s all it means. It doesn’t mean you’re infected. It doesn’t mean your systems are compromised. It means somebody got your information and the “sender’s information” from somewhere. That’s all it means. It could have come off of a website. It could’ve came out of a database. It could have come from anywhere. So, let’s look at this visually a little bit just to kind of give you an idea and not necessarily make you complacent to spoofing and its potential risks but don’t go into full-blown panic mode if you get a spoofed email. Or, if your brother or sister whoever gets spoofed email.

So, we’re going to have Joe. And Joe works for Company ABC. So, Joe is an engineer. He’s working for Company ABC and over here he’s got his work email list. So, you know he’s got his boss and his manager and all these different people down here that Joe emails all the time. And then over here, Joe has got as friends and we know that you know nobody ever emails anything personal from their work address, right? Never. Sure. So, Joe has got as friends that he emails. And over here, Joe has got his personal vendors that he deals with, you know he’s emailing his credit card companies and FPO and AT&T and everybody else. So, Joe kind of has three buckets of email addresses that he works with all the time.

So then all of a sudden, we’re going to say that his friend Bob who he works with knows his mom. So all of a sudden, Bob was going to send an email to Joe’s mom. But guess what? Bob is not really sending the email. It’s going to Joe’s mom but Bob has not really sent an email. Bob got spoofed. Well, how did Bob get spoofed? We don’t know. It could again come from the company website, you know maybe Bob’s out there and he’s doing marketing and his name and email address are out there. Maybe Bob has another list of emails that he works with and one of those people got compromised and they also happen to know Joe’s mom.

So, all of this is going on and maybe Joe’s system never did get compromised or maybe it did, potentially somebody got a virus on there and they grabbed his email address and that’s how they got the information. But that’s not guaranteed how it happened. But regardless, Joe doesn’t know this is going on but poor Bob was going to get an email from Joe’s mom going, “Hey why did you email? What’s going on?” Bob going “I don’t know. I didn’t send you an email address.” He goes to his sent items, it’s not there. Now, Joe’s mom is going back to Joe and going “Hey, why did Bob email me?” And Joe’s going “I don’t know, go ask Bob.” “I did. He said he didn’t.” So, Joe is now going to go ask Bob.

And all this is going on interrupting time, work time, taking personal time away, causing confusion, causing stress and it’s all because somewhere along the line somebody’s email address got spoofed. It doesn’t mean Joe’s mom’s computer is infected. It doesn’t mean Bob’s computer is infected. Maybe Bob’s computer is infected. We don’t know. We don’t necessarily know where that source came from. Did they do anything else malicious? Probably not but maybe.

The biggest thing is Bob’s email address got spoofed somehow, some way. It doesn’t mean really anything else critical happened. It could be something else critical happened. It could have spread to everybody else on the network if it was Bob’s computer and the whole network is infected. Again, maybe not.

Should you change your email password? Sure, it doesn’t hurt to change your email password. It’s a very simple thing to do, very simple preventative measure. However, it also could be prudent for you to go and scan your systems to make sure you don’t find any infections. But also don’t go jumping off the ledge thinking that the world is ending. We’ve been completely hacked. We’ve lost all this information just because you received a spoofed email address.