What Is Spoofing?

What does email spoofing look like?

The most common type of spoofing is done through email. Similar to phishing scams, spoofing emails can be hard to detect. Typically, a false sense of urgency is conveyed in the way spoofing attacks are written, which often is the reason why end users react to them.

The telltale signs of a spoofing email include:

• Incorrect grammar
• Poor spelling
• Badly written sentences or phrases
• Incorrect URL: This can be deceptive and look correct--until you hover over it to uncover the actual URL.
• Misspelled email sender address: The name of the sender or domain--or both--may be misspelled. This can be hard to recognize when viewed quickly and may, for instance, contain the number "1" instead of the letter "I.""

How do I defend against spoofing?

The best defense against email spoofing is a layered approach to your email security that includes a robust defense against phishing, spoofing, business email compromise, and other cyber threats. You will want functionality that lets you find, block, and remediate threats to inbound and outbound email.

Also look for:

• Best-in-class threat intelligence, so threats are provided in real time and are immediately actionable
• Multi-factor authentication that protects against credential theft
• Phishing protection that stops deception threats
• DMARC authentication and enforcement that protect your brand's reputation
• Malware protection that can spot risky files in attachments and provide sandboxing
• End-user training to continually expand and enforce your workforce's knowledge of cybersecurity risks.