Spoofing can be put to a number of malicious uses.
Phishers (criminals who trick users into revealing confidential information) use spoofed sender addresses to make it appear that their email comes from a trusted source, such as your bank. The email can redirect you to a bogus website (e.g., an imitation of an online banking site), where your account details and password can be stolen.
Phishers can also send email that appears to come from inside your own organization (e.g., from a system administrator), asking you to change your password or confirm your details.
Criminals who use email for scams or frauds can use spoofed addresses to cover their tracks and avoid detection.
(See Email malware distribution)
Back to Security Threats A-Z
Back to Threatsaurus Home