Learn About Email Spoofing

Email Spoofing:- 

 Email spoofing basically comes down to sending emails with a false sender address. This can be used in various ways by threat actors. Obviously pretending to be someone else can have its advantages especially if that someone else holds a position of power or trust with regards to the  receiver.

Why spoof the sender address?

Although most well-known for phishing purposes, there are actually several reasons for spoofing sender addresses:
  • Hiding your true identity, although if this is the only goal it can be achieved easier by registering anonymous mail addresses.
  • Easy to rotate. If you are spamming, you are bound to be blacklisted quickly. If you’re able to switch sender addresses, who cares?
  • Pretending to be someone the receiver knows. This can be used to ask for sensitive information or just plain orders to transfer funds.
  • Pretending to be from an organization the receiver has a relationship with. Phishing attempts to get hold of bank login details etc. are the most common example.
  • To give the sender a bad name. Sending out insults or other messages that put the so-called sender in a bad light.
  • Identity theft. Being able to send messages in someone’s name can be the start of an identity theft procedure.

How do I add TXT record to DNS configuration?

Step 1 - Open your DNS settings

Log into your domain account, then find where you manage your DNS settings. Depending on your provider, this may be called Zone File Settings,  DNS Manager, or something similar.
For help finding these settings, refer to our provider-specific guides, or to your provider’s own support documentation.

Step 2 - Add a TXT Record

In your Square space site, open your Domains panel:
1.     In the Home Menu, click Settings, and then click Domains. You can also press the ? key while any panel is open and search domains.
2.     Click the domain you need to verify, then click DNS Settings.
3.     In the first line of your Square space DNS Settings, copy the unique code that appears directly below the Host column. The unique code is a random string of numbers and letters that must point to verify.squarespace.com.



·  In your provider’s DNS settings, create a TXT Record with the following values:
  • Alias, Host, or Host Name - @ or leave blank
  • Type or Record Type - TXT or TXT Record
  • Points to - Copy and paste the unique code from your Domains panel 
·  Save the record 

Step 3 - Verify 

Return to your Squarespace DNS Settings and click Refresh below the records.
The Current Data column in the panel will start to update and show whether your records are entered correctly. If your TXT record resolves properly, you’ll see a green Correct label next to it in the Current Data column. It can take up to 72 hours for this information to process.

Check the sender’s email address:-

With the recent influx of emails of spam emails appearing to come from legitimate companies, it is no wonder that cyber crime is at an all-time high.
Throughout 2016 and moving swiftly into 2018, payment requests and fake invoice emails, appearing to come from well-respected organisations  like PayPal and Apple are flooding our inboxes. These emails have only one intention; to scare and force us to pay out our hard-earned cash to criminals.
Now, I’m not going to stand here and just tell you to click on the red cross to get rid of popups, or push that Free Holiday  email over to your spam folder, because in 2018 that just isn’t enough.
Personally speaking, I recently received an email from Apple claiming to be an invoice for a piece of software I had supposedly purchased for RS/- .10000
After panicking for around 5 minutes, I decided to click on the email address that the information had come from, which highlighted the fact that although the email address claimed it was from a trusted Apple department, it was from an illegal cyber crime operation in India. The website even linked to a fake website that had the Apple Icon in the search bar and a duplicate design of Apples website in an attempt to prove it was legitimate. The only thing that gave it away was the small email address, hidden away on the sender’s ID card, which is attached to every email.
These types of scams slip through our spam filters because they do not use any keywords to trigger your email provider’s systems as they are almost identical to the real thing.

How Spammers Spoof Your Email Address (and How to Protect Yourself):-

Most of us know spam when we see it, but seeing a strange email from a friend—or worse, from ourselves in our inbox is pretty disconcerting. If you've seen an email that looks like it's from a friend, it doesn't mean they've been hacked. Spammers spoof those addresses all the time, and it's not hard to do. Here's how they do it, and how you can protect yourself.
Spammers have been spoofing email addresses for a long time. Years ago, they used to get contact lists from malware-infected PCs. Today's data thieves choose their targets carefully, and phish them with messages that look like they came from friends, trustworthy sources, or even their own account.

  • Don't open an unknown email .
  • Don't try to  open an unknown attachment.
  • Don't make payment through email if the sender is not known.
  • Copy the email id and paste it on google if it is showing the actual website then go for the next 

Comments

Post a Comment

Popular posts from this blog

Facebook phishing Page

Image
  Facebook phishing page:-   What is phishing page? Phishing is a most popular technique used for hacking passwords and stealing sensitive information like credit cards, banking username & passwords etc. Phishing aka fishing attack is a process of creating a duplicate copy or a clone of a reputed website in the intention of stealing user’s password or other sensitive information like credit card details  How to make a phishing Page :- open any web browser     Type www.facebook.com on the URL      3. Right click on the facebook page and Click on " View Page Source "       4. Now Copy the whole php code    5. Now paste the copied code into a Notepad File.   6.  Save the file as Index.html ,  7. Now ready  any php script which can send You password       this is script  below which y...
Read more

D DOS attack

Image
D DOS Attack   What is D DOS Attack?  A DDOS (distributed denial-of-service attack) is an attempt at rendering a server unreachable to its visitors. During a DDOS attack your website may become unreachable since the server is being flooded with bogus requests and cannot process the valid ones. Think of this example: Imagine someone prank calling your phone. It’s like a 500  people prank calling your phone and tying up the phone lines. Then someone that wants to talk to you tries to call. They might get a busy signal or not get through at all. The phone company may have trouble distinguishing between the “real” phone calls and the “prank” phone calls. The objective of the prank phone calls is to simply tie up the phone lines so no one else can get through to you.             Now, Think of the web server as the phone company that’s handling your phone calls and the DDOS attack is all the prank callers. The legitimate calle...
Read more