Skip to content

Spoofing Revisited

Earlier this year I wrote about “hacking” and “spoofing.” In light of the number of calls I’ve gotten about this subject — and the number of spoofed emails I’ve received lately — I thought it might be helpful to re-print some of that information.

The bottom line: spoofing is annoying but not dangerous.

Ever receive an email from a friend you know didn’t send it? The message contained an ominous looking link, or the email’s content was for products you know your friend would not be soliciting. It’s called “spoofing.”

Spoofing is annoying. It may feel like an invasion of privacy, but in the world of internet invasions, it is relatively benign. It is not hacking.

Hacking is illegally getting your password and actively gaining access to — and possibly compromising — your accounts.

Spoofing is an automated “robot” picking up your email address and placing it in the “From” field of its own email. It enters some content, and sends the email to the addresses in your contact list. It is not actually targeting you personally.

That said, it is still uncomfortable.

If you suspect that your email account has been spoofed (you’ll know because you get an email from yourself, or fifty friends contact you about a strange email they got from you), check your “Sent” folder for emails that you didn’t send. If you see any, you should change your email password immediately. This will lock out the unauthorized “robot” and re-secure your account, at least for the time being.

Of course, if you change your email password on your computer, be sure that you change it on your smartphone and your tablet too.

I can’t tell you here how to change your email password — each email service handles it differently — but you can Google your service (AOL, Gmail, Comcast, Bellsouth, etc.) for directions.

If you receive a spoofed email, delete it. If you don’t recognize it as a spoofed email and you open it, don’t click on the link contained in the email. If you do click on the link, you will probably be taken to a site that offers you a way to “make $1,000/day working from home,” or something equally implausible. These links are usually harmless but best to delete them rather than click them.