fbpx Skip to main content

Check email header information for signs of spoofing

By December 3, 2018August 16th, 2021Email, Security
Email Spoofing

Think about this scenario: A friend tells you that they received a message from your email address that wasn’t really sent from you. They think you’ve been hacked and your account is sending malicious emails to friends. How do you know if your email address account has been compromised, or if this malicious attempt is just spoofing your email address?

Email “spoofing” means that an attacker is impersonating you by pretending to send an email from your account. The recipient of the email will see your email… but if you dig deeper into the email message’s contents, you can often see whether the email was truly sent from your account or only made to appear so.

This type of impersonation is possible because email messages can show a difference between “display” information and the actual information embedded in what’s called the “email header”. Spoofing is an attempt to forge the email header, taking advantage of email protocols’ lack of authentication.

How do you view an email header or the “original message”?

  • In Gmail, while viewing the email, click the More icon (three vertical dots) at the top right and select “Show original” from the list.
  • In Outlook, open the email, then go to File > Properties and look in the Internet headers

If the authenticated sender, or “from” address, in the email’s properties matches your email address, then your account was compromised. But if the sender’s email address in the properties isn’t your address, then it may have simply “spoofed” your email while actually sending from a different account.

It always pays to check email message discrepancies. Keep an eye out for display names and “from” addresses that don’t seem to match each other, or don’t match the original message properties.


Recent Posts / View All Posts

Disaster Recovery

Importance of a Reliable Disaster Recovery Plan for Your Business

| Email, Managed Services, Security | No Comments
Running a business is not always a smooth-sailing operation. There are often things that could go wrong regardless of how cautious you are or how hard you abide by the so-called rules. Because of this, you should have a good backup and disaster recovery plan in case a disaster happens, like an accident or a cyberattack. There are plenty of BDR solutions for different businesses. You must find the one that fits your needs and will protect your network and data in the best way possible. Understanding Backup Disaster Recovery All businesses deal with important information, like details about transactions,…
Social Media Phishing

Quiz Time: Can You Handle Social Media Phishing Attacks at work?

| Managed Services, Security | No Comments
Our last three blogs have discussed cybersecurity threats and how they affect a business. We have talked about the dangers that stem from various types of malware. We have warned you about the newest cybersecurity risks expected to wreak havoc on businesses soon. And in the face of the ongoing growing acceptance of remote work setups, we have delved into the threats related to working from home. Now, we will now talk about social media phishing. The common thing in all these topics is that they are all linked to phishing. A strong phishing attack can make a network open…
Risks of Working from Home

Addressing the Cybersecurity Risks of Working from Home

| Business Productivity, Managed Services, Security, Tech Tip | No Comments
A remote workforce has become the norm since the pandemic. Even now that we consider it safe to return to office work, many businesses have maintained the remote work setup because of the advantages. However, the risks of working from home also bring issues that need attention so as not to risk the company’s network and data. What Are the Cybersecurity Risks That Come with Working from Home? There are risks when working from home. Workers lack the usual protective measures used in an office network. Many workers use their home networks and may also use the same device for…