Forged email, or spoofed email, is a tactic used by scammers to commit fraud. The purpose of an email forgery, as its name implies, is to fake a message so that it looks legitimate. Forged emails are the basis of phishing and spam attacks. They are widely used by cybercriminals because people are more open to interact with emails from people and brands they already know.
Check out our list of 5 types of forged email attacks
1. Compromised Email Account
That’s one of the most dangerous type of email attack. An attack of compromised email account happens when your email account has been hacked and then used for other attacks. Typically, this scam starts with a spam or phishing message.
Using a malicious link or malicious attachment, the attacker gains access to your credentials or to your entire device. At this early stage, criminals often use different types of malware to gain control over your computer. Then, with free access, they can send emails as if they were you.
If you have heard about BEC (Business Email Compromise), you already know about the damage that an attack using a compromised email account can do.
2. Forged Envelope Sender attack
The Envelope Sender is also known as Envelope From, SMTP From and Mail From. In general, this address is only used by your mail server, so it may be visible to you or not depending on your email provider. When a criminal falsifies the Envelope Sender, he’s trying to use the domain of a known company to earn your trust and bypass the mail server's filters.
3. Forged Header Sender attack
The Header Sender can be called by other names as well: Header From and Message From. This is the address that appears in your mail application. Unlike the Envelope Sender, it's always visible to the end user.
The goal of a forged Header Sender attack is the same as a forged Envelope Sender attack. The difference between them is that spoofing the display name of the sender gives more credibility to the scam, since people trust what they can see and read in the from field.
4. Cousin domain attack
A cousin domain attack, or similar domain attack, happens when the criminal tries to trick you by using a domain that looks like the real one. This type of fraud involves adding or subtracting characters to the address.
For example, the attacker can substitute a "t" for "1" or an "e" for a "3". Instead of having "firstname.lastname@example.org", it could be "email@example.com". Or "firstname.lastname@example.org" would be "email@example.com". It’s a subtle change that may catch someone distracted during a rush time.
5. Free email account attack
The free email account attack uses a valid free email account, such as Yahoo and Gmail, to deceive people. For example, the scammer may incorporate a director of a company, saying that he is using a personal email because he was unable to access the company's network.
This attack is interesting to fraudsters because, as it's a valid email, it usually doesn't get stuck in filters and authentication protocols.
Protection against forged email attacks
The best way to fight forged email attacks is using different engines, protocols and softwares, such as anti-spam, anti-virus, SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail) and DMARC (Domain-based Message Authentication Reporting & Conformance). If you need a complete solution, designed for businesses of all sizes, take a look at Secure Email Gateway software.