Email spoofing:

Why you need to be concerned

What you can do to drastically reduce it

Email Spoofing

Is the creation of emails with a forged sender address – typically yours!

Email spoofing

SPAM and phishing emails frequently use “spoofed” email to spread viruses and steal personal information.

Is your email is being spoofed?

You’ll see many returned emails (bounced) in your inbox (or SPAM/Junk folder) that you never sent

Is your email being spoofed?

You get emails sent to yourself – that you never sent!

So what?

Every time an email is sent with your domain being spoofed – it’s another win for the hackers!

What steps can you take to do your part?

• Education is vital. Share this education with others: friends, family, co-workers, business associates, Facebook, LinkedIn, etc.

What steps can you take to do your part?

Beyond education, set-up as many automated functions as possible to pre-filter emails before you see them.

What steps can you take to do your part?

Sender Policy Framework (SPF) should be carefully configured for all your email domains. It doesn’t require an advanced college degree – but it helps to know the little “tricks of the trade”.

Prevention

Reportedly, about 60% of email domains already have SPF setup. However, our research shows only about half of them are configured properly.

Configuring SPF

SPF allows you to specify which hosts are allowed, or pre-approved to send email on behalf of one of your domains

Improperly configured

It probably has a setting like:

v=spf1 +a +mx +ip4:(your IP address) ?all

v=spf1: Identifies this as an SPF record SPF version 1

a Authorizes the host(s) listed in the domain’s A record to send email

mx The MX records are tested in order of MX priority

ip4: The IP address of your mail server. Additional ones are spaced

?all The SPF record specifies explicitly that nothing can be said about validity

What it should be

v=spf1 +a +mx +ip4:(IP address of email server) ~all

Changing the ?all to ~all is the one little change that makes a huge difference.

The difference between the ~ and ? is that the ~ denotes that the list is all inclusive and no other servers are authorized to send email

For email servers that check SPF records this will dramatically reduce the amount of bounce-backs, spoofing and forged emails sent using your domain

1. You need to take every step possible to prevent SPAM2. Take some simple steps and realize how much better email is3. Share this with friends – the more people who participate the more

effective this becomes

If you have questions, connect with us on Twitter and ask us – we’ll help you as much as possible @wewatch #stopspam