What is Spoofing?

For additional credibility, phishing attacks are often combined with spoofing. Spoofing is a technique that allows cybercriminals to alter the sender’s header so their messages can look like they’ve been sent by a source trusted by their victims. Thankfully this is a technological trick and thus other technologies, like SPF and DMARC, exist to detect and prevent those messages from making it into organizations. The biggest problems arise when spoofing is not employed, leaving only the content to give away its intent. Since technologies, like AI, are not there yet when it comes to detecting the patterns of these fraudulent messages, it is up to us humans to use our judgment. In many cases, IT value their judgment over their users’. So how can IT intercept these messages before they make it to the recipients?

A two-pronged approach is the best way.