EMailSpoofing
EMailSpoofing refers to the creation of email messages with a forged sender address, intended to mislead recipients about who sent them. The forged From header can make messages appear to come from a legitimate person or organization, even though the actual sending server may be unrelated. Spoofing can be based on display-name manipulation, look-alike domains, or compromised accounts, and it is commonly used to facilitate phishing, fraud, or social engineering.
How it works: The SMTP protocol does not reliably authenticate headers, allowing attackers to set arbitrary
Defenses: Email authentication standards aim to prevent spoofing. SPF (Sender Policy Framework) records authorize sending hosts;
Impact: Spoofing enables phishing, business email compromise, fraud, and reputational damage. Awareness, strong authentication, and technical
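The forged From header, display-name manipulation and look-alike domains described above can each be checked for on a received message. The following Python sketch is an added example, not part of the original page; the function names, the indicator labels, the known-domain list and the sample messages are all constructed for illustration, and it assumes the receiving server recorded the envelope sender in a Return-Path header.

```python
import re
from email import message_from_string
from email.utils import parseaddr

def domain_of(addr):
    """Lower-cased domain part of an address, or '' if there is none."""
    return addr.rpartition("@")[2].lower() if "@" in addr else ""

def edit_distance(a, b):
    """Levenshtein distance, used to spot look-alike domains."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def spoof_indicators(raw, known_domains):
    """Return the spoofing indicators found in one raw message."""
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    from_dom = domain_of(addr)
    env_dom = domain_of(parseaddr(msg.get("Return-Path", ""))[1])
    flags = []
    # From is sender-supplied text; compare with the envelope sender (assumed in Return-Path).
    if from_dom and env_dom and from_dom != env_dom:
        flags.append("from_envelope_mismatch")
    # Display name that embeds an address from a different domain.
    m = re.search(r"[\w.+-]+@([\w.-]+)", name)
    if m and m.group(1).lower() != from_dom:
        flags.append("display_name_address_mismatch")
    # Domain within two edits of a known domain, but not equal to it.
    if from_dom and from_dom not in known_domains:
        if any(edit_distance(from_dom, d) <= 2 for d in known_domains):
            flags.append("lookalike_domain")
    return flags

KNOWN = {"payments.example"}  # assumed list of domains the recipient deals with
# Constructed sample messages, using the reserved .example TLD.
SAMPLES = {
    "legit": "Return-Path: <billing@payments.example>\nFrom: Billing <billing@payments.example>\n\nhi",
    "forged_from": "Return-Path: <bounce@bulk.example>\nFrom: Billing <billing@payments.example>\n\nhi",
    "display_name": 'Return-Path: <x@freemail.example>\nFrom: "billing@payments.example" <x@freemail.example>\n\nhi',
    "lookalike": "Return-Path: <billing@paymemts.example>\nFrom: Billing <billing@paymemts.example>\n\nhi",
}
if __name__ == "__main__":
    for label, raw in SAMPLES.items():
        print(label, spoof_indicators(raw, KNOWN))
```

These are indicators for triage rather than verdicts: a From and envelope mismatch also occurs when a legitimate third-party service sends on a domain's behalf.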