What is email spoofing?

  • Posted by: Adriene Hall
  • Sep 6, 2018
  • 2 min read

Spoofing is defined as:

/spo͞of/ verb 1. imitate (something) while exaggerating its characteristic features for comic effect. 2. hoax or trick (someone).


Email spoofing is the forgery of an email header so that the message appears to have originated from someone or somewhere other than the actual source.


Spoofing email addresses is pretty easy. All a person needs to spoof an email address is an SMTP (Simple Mail Transfer Protocol) server (a server that can send email) and the appropriate email software. Most website hosting services will even provide an SMTP server in their hosting package. It is also possible to send email from your own computer if you load an SMTP server on it; however, most ISPs will block port 25 (which is required to send out email).


Many of the available free SMTP servers will allow you to show a different “from” address than the actual registered domain that the email is transmitting from. The recipient of the message, however, will see it as having come from the address you specified.

How can I protect myself from being spoofed?


• Use your spam filters. Nearly every free (and paid) email service has spam filters and junk boxes. If something goes to your junk mail, don’t simply unblock it. Investigate the email, even if it looks like it’s coming from someone you know. Make sure that it really did come from that person and that they intended to send it to you.


• Never click an unexpected link or download an unfamiliar attachment. Nearly all major companies (such as banks) have policies in place requiring that, if they need you to click a link to their site, the message include some sort of identifying information such as your name or the last four digits of an account number. Pay special attention to that. Too many people see a generic email that simply says “Your account has been compromised, click here to validate.” No legitimate bank or institution will ever send that. They would say “Dear Jason, We believe your account has been compromised, please call us at XXX-XXX-XXXX.”


• Learn to read email message headers and check domain names and IP addresses. Nearly all email programs will let you hover your mouse over an email address (or a link in an email). What pops up should be identical to what you are hovering over. If it is something different, then it is probably spam or a phishing attempt.
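
One way to automate the header check from the last tip, as an added example (not code from the original post). The sample message is constructed, and the Return-Path, Reply-To and Authentication-Results headers it inspects are standard mail headers that the post itself does not name.

```python
from email import message_from_string
from email.utils import parseaddr
import re

# Constructed sample message (not real mail): the visible From claims a bank,
# while the envelope sender and the receiving server's checks say otherwise.
SAMPLE = """\
Return-Path: <bounce@mailer.example.net>
Received: from mailer.example.net (mailer.example.net [203.0.113.25])
 by mx.recipient.example with ESMTP; Thu, 06 Sep 2018 10:00:00 -0000
Authentication-Results: mx.recipient.example;
 spf=pass smtp.mailfrom=mailer.example.net;
 dkim=none; dmarc=fail header.from=bank.example
From: "Your Bank" <security@bank.example>
Reply-To: help@bank-support.example
To: jason@recipient.example
Subject: Your account has been compromised

Click here to validate.
"""

def domain_of(value):
    """Return the lower-cased domain of an address header, or '' if absent."""
    addr = parseaddr(value or "")[1]
    return addr.rpartition("@")[2].lower()

def spoofing_signals(raw):
    """List reasons the visible From address may not be the real sender."""
    msg = message_from_string(raw)
    from_dom = domain_of(msg["From"])
    findings = []
    for header in ("Return-Path", "Reply-To"):
        other = domain_of(msg[header])
        if other and other != from_dom:
            findings.append(f"{header} domain {other} differs from From domain {from_dom}")
    # Verdicts recorded by the receiving mail server (RFC 8601 header).
    results = " ".join(msg.get_all("Authentication-Results", []))
    for method, verdict in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", results.lower()):
        if verdict != "pass":
            findings.append(f"{method} result is {verdict}")
    if not results:
        findings.append("no Authentication-Results header present")
    return findings

if __name__ == "__main__":
    for finding in spoofing_signals(SAMPLE):
        print("-", finding)
```

A domain mismatch is a signal to investigate rather than proof of forgery, since legitimate bulk senders often use a different Return-Path domain. Only trust an Authentication-Results header added by your own mail provider, because a sender can insert a fake one.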


Dangerous attachments: be careful what you click on and open!


The easiest way to avoid clicking on a dangerous attachment is not to open it unless you know who it's from AND you are expecting it. If you are unsure, don't open it and forward it to adriene@itmedicaltechnologies.com and we'll look into it for you.

 
 
 
