What is a spoofing attack?

Spoofing is the dark art of using disguise for fraudulent purposes. Criminals alter small details to convince targets they are a trustworthy source.  Spoofing is a tactic fraudsters use over the phone, on websites, by text messages, and more.

One particularly common medium fraudsters target is email. Spoofing is often a key feature of phishing campaigns.

What is email spoofing?

When an email looks like it’s from a trusted sender but it’s actually sent by a fraudster, it’s called spoofing.

It may appear to be from a business you frequent or a financial institution. The intent is to get you to open it by pretending it’s from a legitimate source. The trick works when a fraudster is able to capture information like login credentials and passwords.

How to identify email spoofing

• Email links to websites with addresses different than the correct domain (such as nocom)
• Wrong sender address, usually obvious after the “@”
• Website addresses that don’t begin with “https” (secure connection)
• Request to verify information through a link

Tips to stop spoofing from happening to you

• Choose strong passwords, and don’t share them with anyone
• Think twice before sharing personal details on social media (birthdates, addresses, mother’s maiden name, pets’ names, etc.)
• Don’t supply personal information via unsolicited emails, texts, or phone calls
• Only open attachments or click on links that come from a trusted source
• Be wary of urgent or time-sensitive warnings
• Before clicking, hover over links in an email to see where they are going to take you

Situations like this can be stressful! If you receive a suspicious email, don’t give out any information. If you aren’t sure what to do, call us at 800.433.1837. Numerica is here for your financial well-being.