
Sunday 30 September 2012

what is email spoofing?

A spoofed email is one that appears to originate from one source but has actually emerged from another source. Falsifying the name and / or email address of the originator of the email usually does email spoofing. usually to send an email the sender has to enter the following information:
  • email address of the receiver of the email
  • email address(es) of the person(s) who will receive a copy of the email (referred to as CC for carbon copy)
  • email address(es) of the person(s) who will receive a copy of the email (referred to as CC for carbon copy, but whose identities will not be known to the other recipients of the e-mail (known as BCC for blind carbon copy)
  • Subject of the message (a short title / description of the message)
  • Message
Certain web-based email services like, offer a facility wherein in addition to the above, a sender can also enter the email address of the purported sender of the email.
Consider Mr. Siddharth whose email address is His friend Golu's email address is Using SendFakeMail, Siddharth can send emails purporting to be sent from Golu's email account. All he has to do is enter in the space provided for sender's email address. Golu's friends would trust such emails, as they would presume that they have come from Golu (whom they trust). Siddharth can use this misplaced trust to send viruses, Trojans, worms etc. to Golu's friends, who would unwittingly download them.

