Call for Paper - December 2018 Edition
IJCA solicits original research papers for the December 2018 Edition. Last date of manuscript submission is November 20, 2018. Read More

Email Spoofing

Print
PDF
International Journal of Computer Applications
© 2010 by IJCA Journal
Number 1 - Article 7
Year of Publication: 2010
Authors:
Kunal Pandove
Amandeep Jindal
Rajinder Kumar
10.5120/881-1252

Rajinder Kumar, Amandeep Jindal and Kunal Pandove. Article: Email Spoofing. International Journal of Computer Applications 5(1):27–30, August 2010. Published By Foundation of Computer Science. BibTeX

@article{key:article,
	author = {Rajinder Kumar and Amandeep Jindal and Kunal Pandove},
	title = {Article: Email Spoofing},
	journal = {International Journal of Computer Applications},
	year = {2010},
	volume = {5},
	number = {1},
	pages = {27--30},
	month = {August},
	note = {Published By Foundation of Computer Science}
}

Abstract

Email spoofing is referred to as malicious activity in which the origin details have been altered so as to make it to appear to origin from a different source. Sending fake emails is usually used to convince the receiver so that he stays unaware of the real sender. Email spoofing may be effectively used to launch phishing attacks on the receivers. The attacker may also use the attack with some amplification and in addition use mass mailer to spam mail users. Infections may be propagated by the means of spoofed emails to attack victims. There are a variety of attackers who do email spoofing. The list starts from people trying to just have fun by sending spoofed messages to users. Other serious attacks are done by wrong doers to make damages to the systems.

Causes of email spoofing include compromised account information from where emails are sent. Sometimes user browsers are infected so as to use them to send spoofed emails. Email service providers versatility may be attacked by misusing the SMTP protocol.

Proper management and deterrence steps that are always recommended should be used to avoid falling into spoofing attacks. Mostly administrators need to follow guidelines to prevent email spoofing in their domains. Once email spoofing is been detected or reported, it should be properly handled. There are a certain set of instructions to react to attacks and also to provide deterrence against spoofing attacks.

Implementation of security relies on usage of physical medium like smart cards. The end users may also implement verification for the originators of email to prevent them from falling into the attacks of spoofed emails. Digital signatures and certificates are also recommended to ensure that the emails are genuine.

The recommended implementation of security does not come without limitations. These mostly include cost factors, providing training to users and implementation at both the client as well as the server ends.

Reference

  • http://en.wikipedia.org/wiki/E-mail_spoofing
  • http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci840262,00.html
  • http://en.wikipedia.org/wiki/Phishing
  • http://www.windowsecurity.com/whitepapers/25-Common-Mistakes-Email-Security.html
  • http://www.cert.org/tech_tips/email_spoofing.html
  • http://www.umt.edu/it/email/spoofing.aspx
  • http://www.ehow.com/list_5924278_disadvantages-pgp-encryption_.html
  • http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci343029,00.html
  • http://www.eric.ed.gov/ERICWebPortal/custom/portlets/recordDetails/detailmini.jsp?_nfpb=true&_&ERICExtSearch_SearchValue_0=ED415834&ERICExtSearch_SearchType_0=no&accno=ED415834