Email Spoofing is to use an email address as the sender in sending out SPAM or phising emails without going to the email portal of the email account. Some does not require authentication like username and password because they are connecting via LAN or an external environment using Trojan horses.
You may think that your email account is being hacked because some recipients can be your contacts from your address book. However, this is not the case.
If you try to check the full header of the bounce back email that you may receive from an undelivered email, you would be able to trace out the IP address where the email was sent from. IP address may be random or might come from different countries.
A real world scenario would be like when you send a letter through the post, you would indicate a return address on the envelope so the recipient can identify the sender, and so the post office can return the mail to the sender in the event of a problem with the delivery.
But nothing prevents you from writing a different return address than your own. In fact, someone else could send a letter and put your return address on the envelope.
Email works the same way. When a server sends an email message, it specifies the sender, but this sender field can be specified or scripted to under the pretense from as an email address that you do not own.
Steps to be taken if your mail identity has been spoofed:
- Change your password immediately for all your other email accounts.
- Enable Sender filtering
- Enable Recipient filtering
- Further do not respond to any mails which have personal information from the forged Mail ID
- Add and update the block list regularly with the spammers, either by their domain name or their email addresses
You may also enable DKIM and SPF on you cPanel. DKIM is a mode of verifying incoming email. It ensures that incoming messages are unmodified and are from the sender from whom they claim to be. This feature operates by preventing incoming spam messages. While SPF system allows you to specify servers and IP addresses that are authorized to send mail from your domain(s). This feature operates by preventing outgoing spam messages.
Step 1: Login to cPanel.
Step 2: Click on Authentication under the Email panel.
Step 3. If your domain name is using Quape’s name servers, you will have an Enable button. However, if not, you will see a Warning message. You need to take note of the highlighted information and provide this to your hosting provider in order to use the DKIM and SPF record of Quape.
If you need assistance or have any further enquiries, feel free to contact our support team.
