Email spoofing: Your account has been hacked

What is email spoofing?

Email spoofing is the forgery of an email header so that the message appears to have originated from someone or somewhere other than the actual source. Email spoofing is a tactic used in phishing and spam campaigns because people are more likely to open an email when they think it has been sent by a legitimate source. The goal of email spoofing is to get recipients to open, and possibly even respond to, a solicitation.

How can I identify a spoofed email?

A spoofed email can be identified through one of the following ways;

If they contained subject lines similar to;

  • Security Alert. Your account has been hacked. Password must need to be changed
  • Your Account is hacked
  • All personal details are hacked
  • Your password must be need changed (your password:xyzaye)
  • test@yourdomain.com is compromised. Password must be changed

If the email requested one or more of the following;

  • Personal details
  • Bank account details
  • Deposit money into an unknown account/crypto-wallet
  • Visit a link to verify credentials.
  • Visit a link to reset email password.
  • Job portal link

How do I confirm that the email is indeed a spoofed or spam email from the email headers?

The authenticity of the email can be checked by looking for any of the following parameter within the source of the email.

  • Received-SPF: Softfail (domain owner discourages use of this host)
  • X-CMAE-Score: 100
  • X-Spam-Status: Yes
  • X-Spam-Flag: Yes
If you cannot see any of the above tags in your email headers, please enable SPF in Email Authentication and Spamassassin. You may contact support desk for any assistance on the same.

Is my account compromised if I receive such an email?

No, your email account is not compromised in any way. The email received is either a SPAM or a spoofed email.

Why isn’t the server classifying such emails as SPAM?

Our servers have stringent email checks in place which ARE classifying these emails as SPAM, which would arrive within the Spam/Junk folder of the email user.

Can I completely avoid receiving a spoofed email?

No, In every case the spammer may use a different subject and a different body, so creating a filter globally won't help, it may risk blocking legitimate emails.

Was this answer helpful?

 Print this Article

Also Read

What is RBL?

RBL is short for Realtime Blackhole List, a list of IP addresses whose owners refuse to stop the...

Managing registered email address for scripts

We have enabled a tool that restricts the email IDs which can be used for sending emails through...

Google Email MX Setup in cPanel

Login to your cPanel and open Zone Editor Click on Manage Remove all existing MX records Add...

How To Migrate An IMAP Email Account - Moving IMAP Email Servers

Migrating IMAP email from one server to another   When you move to a new Email provider,...

How to change SMTP port with MS Outlook?

1. Go to your Outlook and click on Tools > Email Accounts2. Select View existing email...