E-mail spoofing is the forgery of an e-mail header so that the message appears to have originated from someone or somewhere other than the actual source. Distributors of spam often use spoofing in an attempt to get recipients to open, and possibly even respond to, their solicitations. Spoofing can be used legitimately. Classic examples of senders who might prefer to disguise the source of the e-mail include a sender reporting mistreatment by a spouse to a welfare agency or a "whistle-blower" who fears retaliation. However, spoofing anyone other than yourself is illegal in some jurisdictions.
E-mail spoofing is possible because Simple Mail Transfer Protocol (SMTP), the main protocol used in sending e-mail, does not include an authentication mechanism. Although an SMTP service extension (specified in IETF RFC 2554) allows an SMTP client to negotiate a security level with a mail server, this precaution is not often taken. If the precaution is not taken, anyone with the requisite knowledge can connect to the server and use it to send messages. To send spoofed e-mail, senders insert commands in headers that will alter message information. It is possible to send a message that appears to be from anyone, anywhere, saying whatever the sender wants it to say. Thus, someone could send spoofed e-mail that appears to be from you with a message that you didn't write.
Although most spoofed e-mail falls into the "nuisance" category and requires little action other than deletion, the more malicious varieties can cause serious problems and security risks. For example, spoofed e-mail may purport to be from someone in a position of authority, asking for sensitive data, such as passwords, credit card numbers, or other personal information -- any of which can be used for a variety of criminal purposes. The Bank of America, eBay, and Wells Fargo are among the companies recently spoofed in mass spam mailings. One type of e-mail spoofing, self-sending spam, involves messages that appear to be both to and from the recipient.
Resources from around the Web
This document provides a general overview of email spoofing and the problems that can result from it. It includes information that will help you respond to ...
CERT Advisory CA-1996-21 TCP SYN Flooding and IP Spoofing Attacks
This advisory supersedes the IP spoofing portion of CA-95.01. ..... 19, 1996 Updates - corrected Sun Microsystems security-alert email address. Dec. ...
Email Spamming and Email Spoofing
This document gives advice on the what email spamming and spoofing is.
E-mail spoofing - Wikipedia, the free encyclopedia
E-mail spoofing is a term used to describe fraudulent email activity in which the sender address and other parts of the email header are altered to appear ...
G4 - Feature - What is Email Spoofing?
Email spoofing is the practice of changing your name in email so that it looks like the email came from somewhere or someone else. ...
Find out how email security gateways can protect enterprises against email attacks.