Have you ever seen emails that looked genuine but were a scam?

Well, these are spoofed emails for you!

Talking about email spoofing, they are emails that appear to be from a known person, but they are not in reality. Cybercriminals modify the header of an email to make it look as if it is sent by someone genuine. It is one of the popular strategies used in phishing and spam emails.

The risks and damages of email spoofing can be substantial, especially when you use emails for corporate purposes. For example, you own an online store, company, or just a small Facebook shop.

So you have to be aware of all the threats of email spoofing. In this article, we will discuss how you can keep yourself safe from email spoofing.

How to stop email spoofing?

Firstly, it is essential to note that the communication protocol for electronic mail transfer, the Simple Mail Transfer Protocol or SMTP, does not support email authentication. So you have to adopt other methods to stop email spoofing.

  1. Checking the email headers manually- It is one of the simplest ways to identify spoofed emails. Just check the email headers manually. If you open your Gmail account from a web browser, then follow the below steps:
  • Open the email that where you wish to check the header
  • Just look beside the Reply icon, you will see three vertical dots, click on that
  • Scroll down, and you will get an option “Show Original.”
  • Finally, copy the text on the page
  1. You can also use Message header tools to identify the individual header lines.

In case you are using the Outlook application, then follow the given steps:

  • Open the email that where you wish to check the header
  • Then look beside the Reply All Icon, you will see three horizontal dots, click on that
  • Then choose the option “View message source.”
  1. You should always keep an eye on the “Return-Path”; it should be the same as the sender’s email address.
  1. Use of Sender Policy Framework or SPF- It is an email authentication mechanism that specifies all the email servers are capable of sending email on your domain’s behalf. For SPF implementation, both the host and the domain need to identify authorized machines that can send emails on their behalf. For this, we need to add multiple SPF records to the existing DNS information. This is a complicated task, and only experienced Network Administrators are capable of doing this. The recipients have to confirm that the given IP address is allowed to send designed letters; only then they would receive emails from that particular sender.

How to prevent email spoofing?

If you have an organized inbox, then email spoofing should not be able to affect you. But we understand that the work is not as easy as it is to say, you might receive hundreds of emails each day from unknown sources. To sort them manually daily can be a challenge, so you can take the help of some email management application. They are fast, easy to use, and will do all the work for you.


Email spoofing is one of the most abundant ways that cybercriminals use to get hold of sensitive information.  But the good news is, with the above tips, you can avoid these emails and keep your mailbox safe.

Published by Balaji N

Balaji is an Editor-in-Chief & Co-Founder - Cyber Security News, GBHackers On Security & Kali Linux Tutorials.