Spoofing and phishing prevention
[wa_restricted roles=”not:Bronze” message=”Please log in to view this page”]
Spoofing /Phishing emails can:
- ask you for your data, especially password and username;
- contain suspicious links to malevolent websites;
- ask you to pay for something that you are not usually required to pay for;
- lead you to false email addresses when trying to answer.
How to be sure about an email?
Sometimes, just looking at the email address is not enough: in fact, it can be easily faked to seem a genuine one. To be completely sure that an email has not been spoofed, it is necessary to check the source of that email. To do so, simple steps can be followed:
- open the email of interest and go in its options;
- find “view message details” or “view message origin”;
- a window containing the message header will show up (you can find an example at below);
- check the “Received: from” and the “Received-SPF” fields within the whole text: in the first one you should find the same email domain of the receiving address, while in the second one you can find the Sender Policy Framework, a code to make you understand if the server is “true” (“Pass” means the mail is fine; while “Fail” or “Softfail” can be suspicious).
