'Spoofing' is what happens when an e-mail is made to appear to have come from a different source. Spoofing can be a legitimate action, but more often it is a trick to deceive the recipient or to bypass spam filters. A common spoofing action is to change the reply address on an e-mail. To understand this, think of a traditional letter.
You can post a standard letter at any NZ Post box. On the front of that letter you can write any address you wish. The same goes for the return address on the back of the envelope: you can write whatever name and address you wish there. As an example: you are sent a bill reminder by a company that has done some work for you. The invoice may have been printed and posted from a centre in Christchurch, but the return address may be your local branch.
E-mails also have a return address (reply to address) on them. Sometimes the reply address may not be the address of the person or automated system sending the email. If you make use of the “Send-As” feature in Outlook you are sending on behalf of someone else. That e-mail is coming from you but has their reply address on it, so you have 'spoofed' their address. It's a very legitimate thing to do, common where a P.A. might be assisting their boss to work through correspondence or indeed, many other scenarios.
Spammers use 'spoofing' to trick anti-spam systems. They may use a legitimate reply-address to trick a system into thinking that the email is from someone you know and trust. This is a very common technique because the reply-to address is something that can be easily overwritten. That makes 'spoofing' a common source of False-Positives due to it having both legitimate and illegitimate uses. A False-Positive is when a legitimate email is mistakenly marked as spam.
Another variation on this is to change the display name on the email. With this trick, the reply-to name that you see is 'spoofed' (changed) to read as a trusted address. But if you press 'reply', the address hidden behind the display name belongs to someone else. In terms of the standard postal letter, the return-to "Name" reads as someone you know, but the "postal" address underneath it is a different one.
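The header checks a filter can make for the two tricks described above (a changed reply address and a changed display name), as an added example that is not part of the original article. The function names, addresses and domains are constructed for illustration; the "newsletter" sample shows a legitimate sender tripping the same rule, which is where false positives come from.

```python
import re
from email import message_from_string
from email.utils import getaddresses, parseaddr

# Constructed sample messages; every address and domain here is made up.
SAMPLES = {
    "assistant": 'From: Pat <pat@example.co.nz>\nReply-To: boss@example.co.nz\n\nHi',
    "reply_swap": 'From: Accounts <accounts@example.co.nz>\n'
                  'Reply-To: accounts@example-payments.test\n\nInvoice',
    "display_name": 'From: "accounts@example.co.nz" <someone@mailer.test>\n\nInvoice',
    "newsletter": 'From: News <news@bulkmailer.test>\n'
                  'Reply-To: info@example.co.nz\n\nOur monthly update',
}

# Anything in a display name that looks like an e-mail address.
ADDR_IN_TEXT = re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+")

def domain(addr):
    """Lower-cased part after the last '@', or '' when there is no '@'."""
    return addr.rpartition("@")[2].lower() if "@" in addr else ""

def spoof_indicators(raw_message):
    """Return header-level findings for one message (illustrative rules only)."""
    msg = message_from_string(raw_message)
    from_name, from_addr = parseaddr(msg.get("From", ""))
    findings = []

    # Reply address on a different domain than the sender: replies go elsewhere.
    for _, reply_addr in getaddresses(msg.get_all("Reply-To", [])):
        if reply_addr and domain(reply_addr) != domain(from_addr):
            findings.append(f"reply-to-mismatch:{reply_addr}")

    # Display name that shows an address other than the one actually used.
    for shown in ADDR_IN_TEXT.findall(from_name):
        if shown.lower() != from_addr.lower():
            findings.append(f"display-name-address:{shown}")
    return findings

if __name__ == "__main__":
    for label, raw in SAMPLES.items():
        print(label, spoof_indicators(raw))
```

A finding here is a signal to weigh, not a verdict: the "newsletter" message is flagged by the same rule as "reply_swap" even though sending through a bulk mailer with a company reply address is ordinary practice.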
Spam tricks are constantly evolving. Over the last couple of years, one of the most effective solutions has been the move towards hosted (cloud) spam solutions. There are a lot of hosted options and they vary significantly in both quality and cost. Kinetics has moved to using a hosted solution (SMX - an excellent local NZ business that's successfully taking their technology globally) for our own email, resulting in an excellent reduction in spam and false positives. It's so good that we've made it an option in our Kinetics KARE programmes.
If you would like to know more about the solution we are using, talk to your account manager or engineer, or email us on info@kinetics.co.nz.