PDF download Download Article PDF download Download Article

Email spoofing happens when someone sends an email to you that appears to be from another person. It's usually used in conjunction with phishing scams , where a bogus company is trying to get your personal information. If you suspect spoofing, check the email's header to see if the email address generating the email is legitimate. You can also find hints in the content of the email that it might be spoofed.

Method 1
Method 1 of 2:

Checking the Email Header

PDF download Download Article
  1. Spoofing scams use a sender name that will look familiar to try to trick you into opening the email and following the instructions. Whenever you get an email, hover your mouse over the contact name and look at the actual email address. They should match or be pretty close. [1]
    • For example, you might get an email that looks like it's from your bank. So the sender name will be "US Bank of America." If the email address is something like "customerservice@nowhere.com," chances are you're being spoofed.
    • If someone's personal email address is spoofed, make sure the email address listed is the one you have for that person.
  2. The header information for each email address is located in a different place for each email provider. Pull up the header so you can review the information. The email addresses in the header should match the email address it's supposed to be coming from. [2]
    • In Apple's Mail app, you can find header information by selecting the message you want to review, choosing "View" at the top of the app screen, then "Message," then "All Headers." You can also press Shift+Command+H.
    • In Outlook, select View/Options.
    • In Outlook Express, select Properties/Details.
    • In Hotmail go to Options/Mail Display Settings/Message Headers and select "Full."
    • In Yahoo! Mail select "Full Headers."
    Advertisement
  3. Every time the sender sends an email or a reply, a new "Received" field is added to the email's header. In this field, you should see an email address that matches the sender name. If the email is spoofed, the received field information won't match the email address. [3]
    • For example, in the received filed from a legitimate Gmail address, it will look something like "Received from 'google.com: domain of'" and then the actual email address.
  4. In the header, you'll see a section called "Return path." This is the email address that any reply will be sent to. This email address should match the sender name in the original email.
    • So for example, if the email name is "US Bank of America," the return path email address should be something like "customerservice@USBankofAmerica.com." If it's not, chances are the email is spoofed.
  5. Advertisement
Method 2
Method 2 of 2:

Checking the Email's Content

PDF download Download Article
  1. Most spoofing emails contain alarming or aggressive subject lines to try to convince you to follow the links inside. If the subject line seems designed to scare or worry you, chances are it's a spoofing email.
    • For example, a subject line like "Your account has been suspended" or "Take action now: account suspended" indicates the email is a spoof.
    • If the spoofed email is coming from someone you know, the subject line might be something like "I need your help."
  2. If the email includes links, don't click them. Instead, let your mouse hover over the link. A small box should pop up that shows you the actual url that the link will take you to. If it looks suspicious, or isn't related to the supposed sender, don't click it. [4]
  3. Legitimate emails will be well-written. If you notice any spelling or grammar mistakes, you should be suspicious of the email.
  4. Most legitimate companies, especially banks, will never ask you for your personal information through an email. This can include usernames, passwords, or account numbers. Never give out this information through an email. [5]
  5. In contrast to poorly written emails, spoofing emails might also sound overly professional. If they overuse professional or discipline jargon that you don't recognize, they could be trying too hard to sound legitimate.
  6. If you're receiving an email from a company or client you work with regularly, there should be plenty of detail. Anything vague should make you suspicious. If the email is supposed to be from a friend, check to make sure it reads like their emails usually do.
  7. Legitimate communications from companies will include contact information for the person contacting you. If you can't find an email address, phone number, or mailing address in the email, chances are it's a spoof.
  8. If you're not sure whether an email is a spoof, contact the sender it's supposed to be from. Check a company's website for their customer service contact information. Their customer service department should be able to tell you whether the communication is legitimate. You can call or text a friend you suspect of being spoofed.
    • If you suspect an email has been spoofed, don't reply directly to the email asking for clarification. If you do, it's a good way for the person on the other end of the spoofed email to try to get more information from you.
  9. Advertisement

Example Spoofing Email and Subject Lines

Expert Q&A

Ask a Question
      Advertisement

      Tips

      Submit a Tip
      All tip submissions are carefully reviewed before being published
      Name
      Please provide your name and last initial
      Thanks for submitting a tip for review!

      About This Article

      Thanks to all authors for creating a page that has been read 83,255 times.

      Is this article up to date?

      Advertisement