Tech moves fast! Stay ahead of the curve with Techopedia!
Join nearly 200,000 subscribers who receive actionable tech insights from Techopedia.
Email spoofing is a fraudulent email activity hiding email origins. The act of e-mail spoofing occurs when imposters are able to deliver emails by altering emails' sender information. Although this is usually done by spammers and through phishing emails for advertising purposes, email spoofing can have malicious motives such as virus spreading or attempts to gain personal banking information. Simple Mail Transfer Protocol (SMTP) does not provide any type of authentication process for persons sending emails. Yet, it is the primary email system for most people, facilitating email spoofing. Now a days, most email servers can provide further security. Also many digital software vendors have created products remedying this problem.
There are very few legitimate reasons for email spoofing to exist. Whistle blowing, or reporting an immoral or illegal activity, may prompt an individual to engage in email spoofing and remain anonymous. However, the primary reasons for email spoofing involve advertising, but are just considered nuisances. Unfortunately, misleading or corrupt emails are more common than legitimately spoofed emails.
Spammers use open relay as a method for sending email spoofs. An incorrectly configured SMTP server, known as open relay, is vulnerable to the use of spammers since it is easy to manipulate to and from areas of the emails. This lends itself well to those who send spam and phishing emails.
Some U.S. states are beginning to enact laws against email spoofing where the use of third-party emails is a crime. Another legislative safeguard against email spoofing is the CAN SPAM Act, which prohibits unsolicited emails containing false headers or disguised impertinent subject lines. Yet the irony of this law is evident when one considers that the act of spoofing deliberately disguises the real sender’s identity. This can cause problems when trying to identify and stop those responsible for the email spoofing. Even so, the Federal Trade Commission encourages reporting instances of email spoofing.