How to Avoid an Email Spoofing Attack
You’ve just received an e-mail from your boss asking for your help on an important project. Quickly opening the attachment they’ve sent; you realize that the e-mail wasn’t really from your boss and you have experienced an email spoofing attack.
It is very common to fall victim to an attacker changing the “From:” address on an email to represent a known name. For example, an attacker can pretend to be a recognized business and send emails to customers asking for payments, private information or other valuable items.
I’m sure you are now thinking of the various e-mails that you have caught entering your inbox that present a false exterior.
So, how do we prevent an email spoofing attack?
Fortunately, there are people who have considered these vulnerabilities and have provided standards to prevent these weaknesses. For the past 30 years this has been covered by the Internet Engineering Task Force (IETF). The IETF provides two main ways to solve spoofing: Sender Policy Framework and Domain Keys Identified Mail.
Sender Policy Framework
Prevents others from sending messages from your domain name. The sender policy framework has a record of approved email systems and servers. For instance, Andrew and James who have emails with @danory.ca have been identified and approved by the Sender Policy Framework. However, emails cannot be sent from firstname.lastname@example.org as this user has not been approved by the email system or server.
Domain Keys Identified Mail
Prevents spoofing by providing a source to check if the email is authentic. This solves the problem when named accounts are used: answers the question of did my boss actually send this from their inbox or is this someone sending an email with my bosses’ name on it?
How do I monitor against Email Spoofing attacks?
There is another protocol called Domain Message Authentication Reporting & Conformance (DMARC).
DMARC is the governing record for your email system. This tells recipients whether to block, junk, or deliver your email. Additionally, you can protect your own brand from spoofing and ensure your email nearly always delivers and is trusted if you set it up properly.
At Danory Technology Partners we have taken the time to research the best cloud tools for business grade e-mail. We work to give your organization strong tools to help further your company’s communications. Contact us to figure out how we can help protect your company against email spoofing.