Warning from the Civil Guard and INCIBE: Beware of ‘spoofs’: the emails you receive may not be from who you think
Saturday, July 20, 2024, 9:45 PM.
Cybercriminals are using more sophisticated strategies to trick users into biting them and not detecting the scam. Among these methods is a fake that impersonates a person, which the Civil Guard warns about to avoid being scammed.
What is spoofing? According to the National Institute for Cybersecurity (INCIBE), the word comes from the English term meaning “to fake” and is used to trick message recipients into impersonating another person or entity, mainly via email. They aim to obtain sensitive information such as passwords, account numbers or personal data, or they can even be tricked into performing actions such as transferring money or downloading malicious files to their devices.
For this reason, even if we receive emails from known contacts that we trust, it is important to exercise caution. For example, if we have unusual requests or strange messages in our contact’s email, when in doubt, it is preferable to directly ask the person to clarify their text rather than reply to the email, as INCIBE emphasizes.
Another, more obvious sign that we have received a scam email is when we receive an email sent from our own email address.
Email spoofing is characterized by replacing the attacker’s original email address with that of the victim, whether a user, organization, or service. This type of spoofing is possible because the Simple Mail Transfer Protocol (SMTP), which is the main protocol used to send emails, does not include authentication mechanisms. Someone with computer knowledge can manipulate email headers to change the information that appears in the message we receive, in this case, the sender’s email. According to Incibe, this means that an attacker can send a message impersonating any person or company.
How do I know if an email is from the person it’s from?
To identify possible cases of email spoofing and avoid falling into the traps of intruders, it is important to pay attention to the following indicators:
Verify the authenticity of the sender. Carefully check the sender’s email address for any irregularities or discrepancies compared to known and expected information.
Check the email header to see who the email is actually from:
Gmail
To view the header of an email in Gmail and check its origin:
Sign in to your Gmail account.
Open the email in question.
Click on the three vertical dots in the upper right corner.
From the drop-down menu, select Show Original. The email source will be displayed with the full header, where you can search for the From: line to see the sender’s address.
Prospects
To view the email header in Outlook and check its origin:
Open the email in Outlook.
Right-click the message and select Message Options.
Look for the “Internet Header” field. The header will display detailed information about the origin of the email. You can copy the header information for analysis or share it with experts if you have questions about the authenticity or security of the email.
Yahoo Mail
To view the email header in Yahoo Mail and check its origin:
Sign in to your Yahoo Mail account.
Open the email you want to examine.
Click the More Options icon (three vertical dots) in the upper right corner.
Select “View full message” or “View message source”.
A new window or tab will appear with the email header, which contains information about its origin and route. Look for the section that begins with “Received:” to view details such as the servers and IP address of the original sender.
Also, it wouldn’t hurt to:
Analyze the content of the message: Look for any urgent or unusual requests that involve disclosure of sensitive information or quick action, and be wary of messages that create an excessive sense of urgency.
Check links and attachments. Don’t click on suspicious links without checking their origin and making sure they’re safe.
Check the authenticity of the website. If you are redirected to a web page, verify its legitimacy by reviewing the URL to ensure it matches a legitimate website and looking for security signs, such as a padlock in the address bar or the use of “https” instead of “http.”
How to protect yourself from the threat?
Even though we can take various security measures in our email, some malicious emails will still make it into our inbox. That’s why Incibe reminds us that there are a few things to consider to avoid becoming a victim of an attack:
-Avoid opening suspicious email attachments.
-If the email contains information about urgency or danger due to any situation, you should be extremely careful and visit the website directly from the browser and not from the provided link.
-Install your antivirus, update it and activate email-related functions.
– Update your software: Make sure your operating systems and security software are up to date, as updates typically include fixes and solutions to known vulnerabilities.
-Block users you may suspect: if after filtering an attacker manages to receive one of these emails, it is advisable to include the sender in the blacklist of our email client.
Access to all content for the first month for 0.99 euros.
Are you already a subscriber? Login