Display name spoofing is a very common technique used by cyber criminals to carry out phishing activities, that is, to recover valuable information to gain an advantage. Often this type of attack aims to obtain credit card numbers, bank account numbers or login credentials to some service.
The practice consists of sending mass emails
Using the name of trusted organizations and personalities. Since most email clients such as Microsoft Outlook or Mozilla Thunderbird only display the sender’s name and not the email address, the recipient may fall into the trap set by the hacker.
It is easy to run into situations where the sender’s email address does not logically correspond to the real name: if you receive mail from “ Mario Rossi di Banca Italia < [email protected] > ”, you can immediately guess that the email is not from Mr. Mario Rossi and, even more easily, that this figure is not an employee of this alleged bank.
Attackers can change their display name
To that of another person, organization, or entity in order to mislead users who interact with them. Once the display name has been manipulated, other users may be fooled into making decisions based on incorrect information. For example, they may job seekers database respond to a message thinking they are interacting with a different person, or they may be tricked into sharing sensitive information.
How to protect yourself from display name spoofing?
In case of doubt, the best thing to do is to view the source of the message and compare the consistency between the sender name and the Return-Path : if they differ, it means that the communication is not reliable.
Keeping the same example, if I read in the From “ Mario Rossi di Banca Italia
The correspondence would not be there, as the domains (bancaitalia.it and email555.com) are different.
Most people do not read all the metadata in an email, thus falling into the trap set by cybercriminals. This is why hackers usually target interfaces that are designed with the primary goal of being clean and easy to use; therefore, in the “ From: ” field, the sender’s address is hidden until the recipient views the details.
How does Shellrent work?
If you already use our email service, you will know that most phishing attacks. Conducted through display name spoofing methods are blocked prematurely .
We frequently increase checks to prevent the entry of emails that use display name spoofing, making the rules of our anti-spam system stricter and activating additional features that check whether the sending email address in the Return-Path field matches the From field .
If this does not match, the email will receive a lot of spam points and you will not see it in your inbox . In this way, our anti-spam system protects you from email phishing , reducing to a minimum the entry of messages that use display name spoofing as a fraud technique.
However, this does not mean that you
Should not pay the utmost attention to the content of the emails you receive, since some. More skilled” hacker could still appear trustworthy at first and “get away with it”. If you have even the slightest doubt, view the source code of. The message it is very simple to do a good to have clearer information and persist, contact our. Technical Support or the company/person who is writing to you.
Combine Mail Protection to reduce spam and improve email deliverability
For better email delivery, at Shellrent we have created aleart news the Mail Protection service that adds. DKIM and SPF/DMARC records to your domain, required by Google itself. Among the main advantages of Mail Protection:
More reliable delivery
Best delivery rating
Spam and Spoofing Reduction
In fact, thanks to the authentication protocols, your emails will be rated. As better by anti-spam filters and this will improve the delivery rating and delivery. The recipient’s server, in fact, will be able to safely verify.