Problem solve Get help with specific problems with your technologies, process and projects.

Protecting company name from e-mail spoofing

When it comes to e-mail spoofing, what are businesses doing to protect their name? One can set all e-mail to have a digital signature, but that would only be an after the fact situation. One could say it did not come from us. This would help very little if someone sent out false company information.

There is, in fact, very little you can do to stop this in the general case.

In specific, signing e-mail that has official communications is a good idea. Several computer and software vendors (including both Microsoft and Apple) do this. However, if there is someone on the Net who specifically wants to send e-mail spoofed from your company, there's nothing you can do to stop it. E-mail is a worldwide, decentralized system. An open server in Elbonia can send e-mail purporting to be from you or me. This is why spam-fighters want to see all the e-mail headers from purported spammers, because it could be a completely bogus message.

I note, however, that this same problem exists with physical mail. There's nothing that stops someone from writing a letter and putting your company's name to it. It just costs more.

For more information on this topic, visit these other SearchSecurity.com resources:
Best Web Links: Secure Messaging
Tech Tip: E-mail security issues
Executive Security Briefing: Think your e-mail is secure? Think again

This was last published in November 2002

Dig Deeper on Email and Messaging Threats-Information Security Threats

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.