Email spoofing explained: Who does it and how?

Email spoofing definition

Email spoofing is forging email so it looks like it came from someone it didn’t. I learned to spoof email in the fall of 1993 during my sophomore year at Northwestern. An upperclassman in my dorm showed me. At that time, we read our email by telnetting into the campus mainframe and then using elm, the precursor to Mutt.

“Look,” he said, “You just change the “From” header to whatever you like. Don’t–don’t–ever do this for real or we’ll both get in trouble.” I never did.

For several decades email spoofing was that easy, and only in recent years have security mitigations for this problem been tacked on as a late afterthought. Kludges like SPF, DKIM and DMARC make email spoofing harder than it used to be, but these band-aids are not universally applied and workarounds remain for scammers and spammers and phishers to spoof.

To read this article in full, please click here

Read more: Email spoofing explained: Who does it and how?

Story added 4. May 2020, content source with full text you can find at link above.