You have probably heard the term spoofing and wondered exactly what does that mean? The word originated with a British comedian Arthur Roberts back in 1884. He invented a game called Spoof which included trickery and deception. Over time the word came to symbolize a mocking imitation of someone or a practical joke or prank.
In today's internet world, it has taken on a more sinister note and often refers to criminal activities.
When it comes to email, spoofing is forging an email and making it look like it comes from the originator when it is actually coming from another source. One of our customers had an email account that they had not used in over a year. Recently a friend mentioned they were receiving emails from this source. This concerns me because spammers use spoofing to get you to open emails that you would not otherwise open. The goal is to get you to respond to these emails and possibly give information that you would not normally give to a stranger.
The primary goal of the hacker is to get you to download damaging software or click on links that would take you to places you don't want to go. One of the more common email spoofs recently has been an email from a delivery service such as UPS or Fed Ex stating that you need to confirm a delivery.
What Can You Do? Here are a few suggestions:
1. Make sure that you change the password to your email account on a regular basis. There are programs such as LastPass or RoboForm which can help you with these changes. Make sure that your password is strong using a combination of upper and lower case letters, numbers and symbols. Your password should always be more than 8 characters. You may want to write down your password but keep it where it can't be easily found. This is especially important in your work environment.
2. You will need to run a scan regularly to insure there is no malware on your machine. You can use a program such as VIPRE or call your local computer store for assistance. Unfortunately you won't know until it is too late that your system has been hacked and a spammer is sending emails from your account. A daily scan of your system will prevent your system from being turned into a "spam zombie."
3. People often forget that when they sign up for accounts like Yahoo or Gmail they are asked for an alternative email address. You need to check this email address to make sure that you can still access the account. It is very common for a spoofer to hack this account and remove your login and replace it with their login.
4. Periodically check to make sure your security questions have not been altered. These are the questions you are asked when you first sign up for an account such as your pet's name or where you were married. This is especially important if you have signed up for online payments. Don't use the same question and answer for all of your accounts. Every month or so check the accounts to make sure the answers have not been altered.
5. In some instances an account will ask for your phone number and give you a code to verify your identity. As with the security questions, check your account to make sure that your phone number has not been changed.
By taking just a few precautions, you are reducing the chance of being hacked by the bad guys and preventing them from taking over your account. Of course, nothing is foolproof but these steps will go a long way to protecting your email and online accounts.
There are rare situations where your email address may have been used in what is called a spam campaign. This is where your email address is the "from" address. In this case your account has not been technically "hacked" and malware would not be able to detect this action.
You will know when this happens because you will be getting hundreds, if not thousands, of bounce-back emails telling you that the email was undeliverable. In this case, the only thing you can do is ride it out. If you are using Outlook, you can set-up a rule that sends these emails to a separate folder.
No comments:
Post a Comment