Spoof Email Address

    Mimecast's anti-spoofing technology identifies website spoofing, email spoofing, DNS spoofing and other forms of fraud.

    Geïnteresseerd in meer informatie?

    Plan een demo

    How attackers spoof an email address

    Email spoofing is one of the most frequent types of cybercrimes. Spoofing an email address means that the sender is posing as someone else in an attempt to gain the trust of the recipient. Attackers frequently spoof an email address as the first step in a spear-phishing campaign or business email compromise attack. Spammers spoof email addresses to increase the chances that recipients will open an email and respond to it.

    There are a number of ways that attacker can spoof an email address. Changing the display name – the name of the sender that is visible to recipients – may be the most common. Attackers use this method to pose as a trusted individual or a trusted brand while encouraging the recipient to take action that benefits the attacker. Attackers can also spoof an email address by using a legitimate email address in the "From" header, exploiting security holes in standard email protocols. Using look-alike domains is another way to spoof an address. With this method, attackers may substitute numbers or characters from other scripts like Cyrillic for letters in the email address, or create a new domain name that has only very subtle differences from an actual legitimate domain.

    No matter how attackers spoof an email address, the results can be devastating. Email recipients may be duped into revealing sensitive information like credit card data or Social Security numbers. They may be tricked into revealing login credentials that give attackers access to corporate networks. Or they may even be fooled into wiring a money transfer to a fraudulent account.

    Stopping email spoofing – as well as website spoofing, DNS spoofing and other forms of fraud – requires state-of-the-art anti-spoofing technology that can keep pace with the rapidly evolving and sophisticated attack methods. That's where Mimecast can help.

    How attackers spoof an email address

    Stop spoofing with Mimecast

    Mimecast is a 100% SaaS-based service that offers all-in-one solutions for email and web security. As a cloud-based solution, Mimecast can be deployed quickly and cost-efficiently to begin protecting your organization and users right away. And with the ability to manage all solutions from a single pane of glass, Mimecast reduces the burden on IT administrators while minimizing the cost and complexity of protecting your organization from a wide range of threats.

    Mimecast offers several solutions that address the multiple ways attackers can spoof an email address. These technologies are part of a comprehensive suite of security solutions that includes:

    • Email security. Mimecast Email Security with Targeted Threat Protection defends your organization and users against a wide range of email-borne threats – from spear-phishing and zero-day attacks to malware, spam, malicious URLs, internally generated threats and more.
    • Web security. Mimecast Web Security monitors the DNS layer, blocking access to malicious web activity and protecting employees and guest Wi-Fi users against malicious and inappropriate websites.
    • Awareness training. Mimecast's highly engaging Awareness Training programs help to successfully educate employees about the role that human error plays in enabling attacks and mitigates risky behavior to improve your security posture.
    • Data protection. Mimecast data protection and archiving solutions reduce the complexity of storing and protecting data to improve resiliency and compliance.
    • Threat detection. Mimecast provides actionable threat intelligence that helps you stay current with the evolving strategies cyber attackers are using to target your organization.
    Stop spoofing with Mimecast

    Mimecast
    DMARC Analyzer

    Mimecast DMARC Analyzer protects against email spoofing by simplifying the process of deploying DMARC. DMARC, or Domain-based Message Authentication, Reporting & Conformance, is an email validation system that builds on the widely used Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) protocols. To identify messages where a sender is spoofing the email address by changing the "From" header, DMARC requires that messages are authenticated with DKIM and/or SPF check, and that the information in the "From" header matches the underlying information about the sender.

    Additionally, DMARC Analyzer maximizes the effectiveness of DMARC by providing:

    • A 360° view across all email channels.
    • Simplified DMARC deployment using a step-by-step approach.
    • Easy-to-use, self-service tools to simplify your DMARC deployment project.
    • Alerts, reports and charts that help to achieve DMARC enforcement faster and monitor ongoing performance more effectively.

    DMARC Analyzer also provides a DMARC record checker, SPF validator and DKIM record checker that ensure the validity of records and help to uncover errors that may impact mail delivery.

    Mimecast <br />DMARC Analyzer

    Free DMARC Record Check

    Check My Domain

    Mimecast Impersonation Protect

    Mimecast Impersonation Protect protects against attackers trying to spoof an email address by using a look-alike domain. Impersonation Protect scans all inbound email in real time, searching for any sign that the sender may be spoofing the email address by using domain similarity. Impersonation Protect searches for anomalies in the header, the use of international character sets, recently registered domains and suspicious content in the body of the email. Administrators have full control over how suspicious emails are handled, with options to discard the message, quarantine it or warn the recipient that the email is suspicious.

    Mimecast Impersonation Protect

    FAQs: what it does it mean to spoof an email address?

    What does it mean to spoof an email address?

    When attackers spoof an email address, they are posing as someone else in order to dupe the recipient into opening the email, responding to it or taking action that benefits the attackers. Email spoofing is often used at the start of devastating attacks like spear-phishing, business email compromise, CEO fraud and ransomware.

    How do attackers spoof an email address?

    Spoofing an email address is a relatively simple form of cybercrime. Attackers may change the display name and/or the "From" header in the email to pose as a trusted source, or they may create a look-alike domain that is virtually indistinguishable from a legitimate domain.

    How do you stop email spoofing?

    Preventing attackers from spoofing an email address requires sophisticated technology for scanning inbound email and for taking advantage of industry protocols for authenticating email messages.

    FAQs: what it does it mean to spoof an email address?

    Expert Brand Protection Insights

    Brand protection resources you may be interested in: