Most of us know spam when we see it, but seeing a strange email from a friend—or worse, from ourselves—in our inbox is pretty disconcerting.
Email spoofing is the creation of email messages with a forged sender address. If you’ve seen an email that looks like it’s from a friend or company, it doesn’t mean they’ve been hacked, but spoofed by spammers. Spammers and phishers want you to click on the links or open attachments in these emails so that they can gain access to your computer.
You can begin to protect yourself from being spoofed by following these four steps.
- Safeguard your personal information – use caution when receiving an email that asks for personal information such as banking account). Companies do not send out emails requesting this type of information.
- Educate yourself about spoofed emails
- Look at the FROM address. Anything after the @ symbol should be the name of the legitimate company.
- Pay close attention to the language as many of these emails originate from outside the US
- If you open the email, look at the URL link and see if it is pointing to a legitimate company website.
- Delete the message
- Report suspicious emails to the company being spoofed (Ex. A common fraudulent email recently circulating is a email that looks like it is from UPS but it contains invalid links which may infect your computer)
- Do not Reply, Delete the message
Examples: https://www.ups.com/media/news/en/fraud_email_examples.pdf
Suspicious emails can also be reported to the FTC at [email protected]