What Is Email Spoofing and How Can It Affect You?

Spoofs sound light-hearted and fun, but the moment it’s applied to email it becomes much more annoying. Spoofs are typically defined as when someone sends out an email from your personal address, even when you had no hand in sending it. Scammers do this to get around spam filters and to solicit private information without raising suspicions.

The best, most often used comparison to spoofed email would be that it’s the equivalent of a specific type of letter campaign. Let’s say someone walks by your house, gets your address and then proceeds to use that address as the return address for all of the letters that they send out. They also sign your name to the letters. It would be nearly impossible to track down the person who did this, and you would get the mail that was marked as ‘return to sender.’ Typically you know you’ve been spoofed when you start getting a bunch of undeliverable messages, and in the case of spoofing, it’s better to just ignore those emails. The messages that you’re getting are entirely legitimate, the same way a post office returning a package if it wasn’t stamped or addressed properly would be legitimate. You can’t filter that type of message out.

Eventually, the person who is spoofing you will either stop or be shut down. It’s likely that they have access to a lot of email addresses, so there’s no reason that they’ll need to keep reusing yours or trying to find correct email addresses to ones that bounce back. Sometimes they’ll use up a lot of bandwidth which leads their ISP to shut it down. Less commonly would be people figuring out where the email was actually being sent from, resulting in a lot of complaints. Either way, the effects of one spammer spoofing you isn’t likely to last for long, or cause you any type of real problems. The key is to be aware of what’s going on so that you’re not falling into any trap.

The bottom line is, if you see a message from a friend or from yourself in your inbox, there’s no reason to panic. It doesn’t mean that your account has been hacked or that someone knows your password. Also, it’s not that everyone is just throwing up their hands when it comes to solving the problem. The larger companies with advanced servers have made progress with Sender Permit Forms, which basically verifies which IP address the email has been sent from and if it matches a legitimate source. If it doesn’t match, then the message is placed into the Spam folder. It isn’t perfect, but it does cut down on the amount of spoofs you’ll receive over time. Technology evolves over time, and it the process becomes much better. Problems like spoofing will almost certainly become a problem of the past, just maybe not today.