What can my hosting provider do to help protect clients against email spoofing?

If in doubt delete.

What can my hosting provider do to help protect clients against email spoofing?

Email Spoofing is when a threat actor forges email headers so the receiver’s client software displays a fraudulent email address, taking advantage of email headers’ trust factors, that most end users are unaware that email headers can be forged and take it as trusted and legitimate.

Quick tips in spotting spoofing:
The sender and receiver email addresses are the same.
Threats of account closures.
Time limitation threats like act now before your account is closed.
Poor Spelling and Grammar. Not so relevant anymore as scammers are now a lot more professional as seen in cloning emails of PayPal.

Email spoofing is an original way for spammers to get around email filters, today it is a global cybersecurity crisis with 3.1 billion domain spoofing emails sent per day, bearing in mind 90% of cyber-attacks start with an email message. Email spoofing hides the sender’s ID, helps get around blocklists and spam filters, and tricks you into believing the email is from a legitimate source. Security protocols were introduced to reduce email spoofing, redirecting spoofed email messages to user spam boxes. Scammers program scripts so to add their own senders’ email address of choice in the headers whether the email address is real or not, utilizing Email API endpoints, thereby by-passing protocols. Email is sent using Simple Mail Transfer Protocol (SMTP), first via the outgoing server, the receiver’s domain is identified and the spoofed email is routed to the domain’s email server, then the recipient’s email server routes the spoofed message to the right user inbox.

Email spoofing & hosting
Spoofing email as plaint text

Other tools Hosting companies can provide to reduce spoofing.

Sender Policy Framework (SPF) is an email authentication method to detect spoofed email headers by whitelisting IP addresses that can send emails for the domain. Email servers perform an SPF lookup and then reject the mismatched email as spam. Email servers execute an SPF lookup preventing spammers from using spoofed domains in the email envelope.

DKIM (DomainKeys Identified Mail), is an email authentication method to detect spoofed sender addresses by cryptographically signing sent emails with a signature for the organisational level corresponding to a public key is published to the DNS records. The email is sent and DKIM (DomainKeys Identified Mail) makes sure the email is not altered on the pathway between sending and receiving.

Domain-based Message Authentication Reporting & Conformance (DMARC) is an email security protocol. DMARC verifies email senders by combining Domain Name System (DNS), DomainKeys Identified Mail (DKIM), and Sender Policy Framework (SPF) protocols. DMARC requires DKIM or SPF to be in place on an email domain and a DMARC record to be published in the DNS. DMARC enforces an alignment MAIL FROM and the sender and enables the email domain’s policy to be shared and authenticated after the DKIM and SPF status has been checked.

Spoofing is a method of delivery; Phishing is a method of retrieval.

What I Do.

I specialise in Digital Footprints for new Startups and Identities struggling to be found in Search.

Google Maps Marketing Local SEO

Google Maps Marketing Local SEO

Google Maps Marketing Local SEO is the art of optimising your online presence and increasing foot traffic to your local based business.

SEO Digital Content Copywriting

SEO Content Copywriting

SEO Digital Content Copywriting is the art of copywriting keyword/phrase content that is found in search results that converts.

Search Engine Marketing SEM

Search Engine Marketing SEM

Search Engine Marketing SEM is a paid advertising strategy, like pay-per-click (PPC) increasing website visibility to appear as search results in Search Engine Results Pages SERPs.

WordPress Websites

WordPress Websites

​WordPress is an open-source versatile content management system CMS for users to create easy functional beautiful looking websites that is found in search

WordPress Websites SEO

WordPress SEO

WordPress SEO is the art of of getting your WordPress Website Pages on #Page1 of Organic Search Results for your Keywords/Phrases/Products/Services to your (best converting) target audience.

WordPress Website Maintenance

WordPress Website Maintenance

WordPress Website Maintenance is the process of keeping your website functioning properly, fast, secure, backed-up, up-to-date and in line with best practices that supports your SEO strategy.

Photography for WordPress Websites SEO

Photography

Photography is the art of capturing an instant in time by recording the light you see and applying a filter of your innermost thoughts.

Samsung Gear 360° Virtual Reality Video

360° Virtual Reality Video

Let's Work Together!

Contact SEO Cape Town.

5 Clarendon Court, Melrose Road, Muizenberg, Western Cape 7945, South Africa VFR9+XP Lakeside, Cape Town
(+27) 060 904 5988
Email Me

COVID19 Corona Virus South African Resource Portal

First Peoples Land Statement

Search Engine Optimisation Marketing operates on the traditional, ancestral and unceded lands of the San and Khoe peoples. I wish to acknowledge the lands of the First Peoples we now occupy.