Hi friends, After the article about SMS
spoofing, today i will share with you basic idea about What is email
Spoofing? How email spoofing works? What are the different ways to send spoofed
emails? Can we detect spoofed emails or not? In my later hacking
class tutorials i will explain you how to send spoofed emails using email
spoofing tools or by simply web applications. So Let's start from very basic..
What is Email Spoofing?
Email spoofing refers
to the process of sending an email message from one source, but making it
appear as though the email was sent from a different source. For example, an
email originates from user@domain.com but it appears to be from
email@address.com. Another method of spoofing is to make the message appear to
come from an unknown user within your domain name. For example, the message
appears to be from support@yourdomain.com.
This does not mean that your email account was compromised. It means that the sender has fooled the mail client into believing the email originated from a different address.
This is usually done for malicious reasons, either to distribute unsolicited email or to distribute email viruses. Unfortunately, there is no real way to prevent spoofing from occurring. If you receive an email that has questionable content, it is recommended to delete the email message or use an antivirus program to scan the message before opening it.
This does not mean that your email account was compromised. It means that the sender has fooled the mail client into believing the email originated from a different address.
This is usually done for malicious reasons, either to distribute unsolicited email or to distribute email viruses. Unfortunately, there is no real way to prevent spoofing from occurring. If you receive an email that has questionable content, it is recommended to delete the email message or use an antivirus program to scan the message before opening it.
I will recommend
users to read the following article to know about How email works:
How Does Email Spoofing Work?
Basically,
email spoofing alters the email header to make it appear as though it
originated from a different source address. This is possible due to the simple
mail transfer protocol (SMTP) not supporting any type of sending
authentication. Originally, email spoofing was used for legitimate reasons when
someone wanted to send mail appearing to be from their email address when
logged on to a network that was not their own. Nowadays, it is commonly used
for sending spam or malicious mails means for sending viruses or phishing page
links or simply spreading the botnets. The email fields can be edited in many
email clients and automated spam and hacker tool kits that are currently
available in the market or you can also also edit them manually if you know
little bit of programming and hacking.
Why do People Spoof Email?
Email is primarily
spoofed for one of two basic reasons:
1 – Spam means for
Email marketing or spreading a message to several users.
2 – To conduct a
phishing or spear phishing attack.
If you want to learn
more about phishing then i will recommend you to read this article:
Spammers will spoof the “from” field many times in order to hide their identity from the email recipients. The message body will have advertisements, or links to offers the spammers are trying to sell to the recipients. They change the “From” field in the email in order to make it harder to determine their identity and avoid complaints from the end-user.
Those who spoof email
for malicious intent are simply called Crackers and they typically do so as
part of a phishing attack that is for sending phishing page links. They will
spoof the email to be from someone else on the same domain as the receiver. In
a spear phishing attack, the email may be changed to be from a legitimate
friend or co-worker of the person receiving the email. This results in a greater
possibility of the targeted person opening the email and falling victim to
malware or spyware attack.
What are the Techniques to Spoof
Email?
Although it is
straight forward to change the “From” field in an email header, the email can
still be traced to the sender. But most of the major ISP maintain
“black lists” to ban known senders of spam from sending email traffic to users
on their network(s). As a result, spammers have now evolved to using
specialized software to create a random sending email address. These email
addresses will rarely be active or used for a second time.
Another technique
used by those conducting spear phishing attacks is to hack the account
password(s) for one or more people in the organization or some normal victim.
Once its hacked, the emails in the address book are used to conduct additional
attacks by placing those in the “From” field in email making them to appear to
be legitimate. This same technique is also used by email worms(botnets) to
self-propagate through unsuspecting users opening infected email sent by the
respective worm.
Can Spoofed Emails be Detected?
Now a major question
arises that can we trace such activities that is email spoofing. Answer is
simply no if user is smart enough that is he has used a proxy server while
sending the spoofed email and answer is Yes if a novice hacker has send it
without spoofing his IP address.
I would recommend you
to read this article to hide your IP and remain anonymous while sending emails
and performing such hacking activites:
Many people
mistakenly believe that sending spoofed email The IP address used to send an
email is logged and is traceable. This address can then be used to
cross-reference with the ISP DHCP records to determine who sent the email. If
you are simply trying to trick your sibling or friends, it will appear to be
from the “faked” email address. This is why spammers and hackers will not send
spoofed email from their own IP address(es), instead routing the spam through
other destinations before sending it to the desired recipients.
0 comments:
Post a Comment