The Ninja Sensei’s Logbook: Don’t be Spooked by Email Spoofing
Identity theft is a serious problem. Organisations are not immune to such a sneaky tactic. With the sophistication of techniques employed by bad actors in email spoofing, businesses can fall prey to these traps, which often target their employees who are handling log-in credentials.
What exactly is email spoofing, and how does it work?
Email spoofing is a tactic employed in spam and phishing campaigns to deceive consumers into believing an email originated from a person or organisation they know or can trust. In spoofing attacks, the bad actor falsifies email headers to make it look as if they came from a legitimate source.
It works by taking advantage of the receiver’s trust upon thinking that the sender is a legitimate one, where due to this trust, the victim discloses sensitive information, which typically ends in remorse.
According to Singapore Police Force (SPF), at the start of 2022 alone, there have been at least 149 people who have fallen prey to a scam involving spoofed work emails, with losses amounting to at least $70.8 million.
Are there any ways we could prevent this? Yes!
👉Educate your employees about email spoofing, particularly those responsible for making wire transfers, such as purchasing and payroll personnel.
👉Prevent unauthorised access to your email account by using strong passwords, changing them frequently, and, if possible, implementing two-factor authentication. Consider installing complimentary email authentication technologies like Domain-based Message Authentication, Reporting, and Conformance.
👉Install and maintain anti-virus, anti-spyware/malware, and firewall software on your computer.
👉Maintain an up-to-date operating system by installing patches when they become available.
These are some preventive measures that the SPF has given so that organisations could limit instances of being a victim of email spoofing.
📱 WhatsApp: +65 8750 4250
📧 Email: firstname.lastname@example.org