How to Send Spam & Spot Fake Emails (Email Spoofing 101)
Spammers are the bane of every email user. No matter what you do, junk mail always breaks through the spam filters. And some of the best ones seem to come from legit companies, and that's because they aren't legit companies— they're spammers masquerading as legit companies.
Why would Bank of America be sending you an email like this?
"We have temporarily limited your account sensitive features due to the successfully updated of our new security alerts service. In order to confirm your online bank record, we will require some specific information from you to restore your account. Please click Sign In To Online Banking if this process is not completed within 24hours. We will be forced to suspend your account online, as it may have been used for fraudulent purposes. We thank you for your co-operation."
If the errors and bad sentence structure didn't fool you (not to mention the absurdity of it), then you probably didn't click on anything in the email, and deleted it right away. Good.
And why would Bill Gates be trying to give away his fortune to you?
"Hi there. This is Bill Gates from Microsoft, and I am looking for a place to save my fortune. I want to send YOU 6 million, billion dollars of it but need to establish a line of credit in your country first, so I must deposit this money directly account. Please reply with your password, mother's maiden name, date of birth, and your favorite type of Vienna sausage so we can proceed with the transfer of funds."
This is even worse than the other one. Vienna sausage?
And here's one from eBay, supposedly:
These mischief-makers are phishing for suckers, with the help of spoof emails.
Wikipedia describes email spoofing as an "e-mail activity in which the sender address and other parts of the e-mail header are altered to appear as though the e-mail originated from a different source. Because core SMTP doesn't provide any authentication, it is easy to impersonate and forge emails. It is usually fraudulent but can be legitimate. It is commonly used in spam and phishing e-mails to hide the origin of the e-mail message. By changing certain properties of the e-mail, such as the From, Return-Path and Reply-To fields (which can be found in the message header), ill-intentioned users can make the e-mail appear to be from someone other than the actual sender. The result is that, although the e-mail appears to come from the address indicated in the _From_ field (found in the e-mail headers), it actually comes from another source."
Now, if you're interested in how spammers email spoof, Household Hacker shows you how he does it, through a website called hoaxMail. In the video, you'll also learn how to tell if an email is legit or not.
Note: if the video above does not work, you can alternatively view it here.
In the video, he states:
"The best way to check the legitimacy of an email is to examine the headers.
"You need to read the entire email headers to look for warning signs if you're suspicious that someone's playing a joke on you.
"The easiest way to see if this is a real email address is if you click reply to the email, and it asks you to send an email followup to the a different address other than from the sender with your information. This is because they do not have actual access to the email in question."