Vol. 1 · Ed. 2026
CyberGlossary
Entry № 420

Email Spoofing

Reviewed by: Cybersecurity entrepreneur & security researcher

What is Email Spoofing?

Email Spoofing: Forging email headers so a message appears to come from a trusted sender, typically to enable phishing, fraud, or malware delivery.


Email spoofing exploits the fact that SMTP does not natively authenticate the sender. Attackers manipulate the visible From header, the envelope MAIL FROM, or the display name, or use look-alike domains and Unicode homographs to impersonate executives, brands, or business partners. Spoofing is the foundation of phishing, business email compromise, and invoice fraud. Defences are primarily protocol-based: SPF, DKIM, and a DMARC policy of quarantine or reject that requires the SPF- or DKIM-authenticated domain to align with the From header domain, plus inbound anti-spoofing checks, display-name lookups, banner labels for external mail, and verified-sender programs such as BIMI.

Examples

  1. An email with a forged From: ceo@company.com asking finance for an urgent wire transfer.

  2. A vendor look-alike domain (acme-corp.co instead of acme.com) sending fake invoices.
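The two examples above behave differently under the protocol defences named in the definition. The following added example (not part of the glossary entry) implements a minimal DMARC alignment check: it assumes the receiving MTA has already produced SPF and DKIM results, uses a simplified organisational-domain rule instead of the Public Suffix List, and runs on constructed sample values.

```python
from email.utils import parseaddr
from typing import Optional, Tuple

def org_domain(domain: str) -> str:
    # Simplified organisational domain (last two labels). Real DMARC uses the
    # Public Suffix List; this shortcut is an assumption made for the example.
    labels = domain.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])

def aligned(from_domain: str, auth_domain: str, mode: str = "r") -> bool:
    """Relaxed ('r') alignment accepts the same organisational domain;
    strict ('s') alignment requires an exact domain match."""
    if mode == "s":
        return from_domain.lower() == auth_domain.lower()
    return org_domain(from_domain) == org_domain(auth_domain)

def parse_dmarc(record: str) -> dict:
    # Parses a DMARC TXT record such as "v=DMARC1; p=reject; adkim=s; aspf=r".
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.strip().split("=", 1)
            tags[key.strip()] = value.strip()
    return tags

def dmarc_evaluate(from_header: str, mail_from_domain: str, spf_pass: bool,
                   dkim_domain: Optional[str], dkim_pass: bool,
                   record: str) -> Tuple[str, str]:
    """Return (result, disposition). DMARC passes when SPF or DKIM passed AND
    the authenticated domain aligns with the visible From: domain; otherwise
    the disposition is whatever the domain owner's p= tag requests."""
    tags = parse_dmarc(record)
    _, addr = parseaddr(from_header)          # display name is ignored on purpose
    from_domain = addr.rpartition("@")[2]
    spf_ok = spf_pass and aligned(from_domain, mail_from_domain, tags.get("aspf", "r"))
    dkim_ok = (dkim_pass and dkim_domain is not None
               and aligned(from_domain, dkim_domain, tags.get("adkim", "r")))
    if spf_ok or dkim_ok:
        return "pass", "none"
    return "fail", tags.get("p", "none")

if __name__ == "__main__":
    # Example 1: forged From: header, envelope MAIL FROM on an unrelated domain.
    # Constructed values; company.com publishes p=reject.
    print(dmarc_evaluate('"CEO" <ceo@company.com>', "mailer.unrelated-example.test",
                         True, None, False, "v=DMARC1; p=reject"))
    # Example 2: a look-alike domain the attacker controls passes its own DMARC,
    # which is why display-name and look-alike checks are still needed.
    print(dmarc_evaluate("billing@acme-corp.co", "acme-corp.co", True,
                         "acme-corp.co", True, "v=DMARC1; p=none"))
```

The first call fails with disposition reject because neither authenticated domain aligns with company.com; the second passes, showing that SPF/DKIM/DMARC protect a domain's own name but say nothing about look-alike domains.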

Frequently asked questions

What is Email Spoofing?

Forging email headers so a message appears to come from a trusted sender, typically to enable phishing, fraud, or malware delivery. It belongs to the Attacks & Threats category of cybersecurity.

What does Email Spoofing mean?

Forging email headers so a message appears to come from a trusted sender, typically to enable phishing, fraud, or malware delivery.

How do you defend against Email Spoofing?

Defences for Email Spoofing typically combine technical controls (SPF, DKIM, and an enforcing DMARC policy, plus inbound anti-spoofing checks) with operational practices (external-mail banner labels, display-name lookups, and verified-sender programs such as BIMI), as detailed in the full definition above.

What are other names for Email Spoofing?

Common alternative names include: Sender spoofing, From-header spoofing.
