Question

Spoofing email is a common occurrence these days. Have you received a spoofed email? Briefly, describe the email and how did you notice it was not legit? Anything else that was odd concerning the spoofed email?

Answer 1

Email spoofing is the method of creating email messages that pranks or misleads the reader about the origin of the message. Its soul purpose is to frame the receiver into believing that the message is from a person they know. Since the emails do not have any authentication protocol so people use them for spamming and sending spoofing mails. Such mails are sent with an intention to trick the receiver into clicking on some link, downloading some script, or may ask him to enter his credentials or other sensitive information. These mails pose a threat not only for an individual but business organizations too. There is a lot at stake in the business world. A single click on any such mail can land the organizations into trouble.

These mails rely heavily on spelling mistakes and similarity in spellings in order to trick the reader, however they are sent from the genuine domains so that the inbuilt security protocols do not classify them under spam or block them.

Yes I happened to receive such an email once. It was the time when Big Billion Day Sale was live. The email contained a link, an order no, delivery date and the time and date of attempted delivery. It apolozised for the unsuccessful attempt of parcel delivery. Please login on the provided link to update your delivery timings. It was quite surprising for me initially because I wasn't expecting any parcel, then assuming a surprise gift from someone since my birthday was approaching i thought of clicking on that link. I had to go to market just then for some urgent work so I postponed it for later that night. But as usual I forgot to respond to that mail that night. I came across that mail after two three days and pondered deeply over that for a few minutes. Then I realized why did the delivery person not call me when he came to deliver the parcel. Every delivery person contacts on phone before delivering the parcel. That was when I came to know it was a trap. Had i not had some urgent work in the market I would have definitely fallen prey to it.

The cases of such spoofing mails have been on the rise. It pose a great threat for big organizations with large workforce and weak implementation of network protocols. All that a hacker wants is a single click on the link by the employee of the organization which is good enough to activate the malicious code hacker has developed and return sensitive data to hacker.  

Hope this helps :)