Beware of the Unicorn: Phishing Messages and Display Name Spoofing
Display name spoofing is a tactic used by phishers where the email being sent looks like it's coming from a trusted source.
[Oct. 26, 2018] Most of us are quite familiar with phishing messages – those annoying emails that try to trick us into divulging personal information such as our user names and passwords, credit card numbers, social insurance numbers, etc.
A common tactic employed by cyber criminals when they go on phishing expeditions is to impersonate someone you know or a source that you trust. There are a couple of ways this happens:
- Display name spoofing. These are targeted attacks where the email displays the name of someone you know or a source that you deal with regularly but the email address behind it is incorrect. Unfortunately, a lot of the time people will rely on the display name without checking the email address behind it and that’s what the spammer is counting on. Their aim, by impersonating one of your contacts, may be to get you to reply to the message and engage in a dialogue to divulge personal and/or business information, engage in transactions, open an attachment or follow a link.
- Spoofing the sender's email address along with the sender's display name. Again, the email looks like it is coming from a trusted source, but in this case, the display names and email addresses being used are legitimate. If you reply to the message it will go to the actual address owner and not the spoofer. The person initiating the phishing attack couldn’t care less. Their goal is to try to build enough confidence in you that you will open the attachments or click the links in the message without giving it much thought.
Here at Sheridan we’ve seen examples of phishing attacks where emails have contained spoofed addresses that have ranged from individual faculty members and senior college leadership to departmental contacts such as the IT Service Desk.
Unfortunately, spoofing an email address is all too easy. With a server that can send email and the right mailing software you can send email to look like it’s coming from almost anyone.
How to Protect Yourself
Today’s spammers are making greater efforts to make their emails look real and it can sometimes be difficult to verify the legitimacy of these messages, especially if you are viewing them on a tablet or mobile phone. To keep your personal information safe, vigilance and skepticism are your best friends.
- Beware of messages that convey a false sense of urgency
- Never click on suspicious links or download/open unfamiliar attachments
- Try to ensure that the email address behind the display name is valid
- If you’re viewing a message on a mobile device and it seems suspicious, it is sometimes easier to determine the validity of a message if you view it on a PC
- If a suspicious email is from someone you know, try contacting them via a channel you know is valid (e.g. phone, text, email) to check if they really sent the message. Do not reply to the suspicious email.
- When in doubt, contact IT Security for a second opinion — be sure to forward the suspicious email as an attachment.
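The tip above about checking the email address behind the display name can be automated for a list of known contacts. The following Python is an added example, not part of the original article; the contact directory, addresses and sample messages are constructed for illustration.

```python
from email import message_from_string, policy

# Constructed directory of trusted contacts (display name -> real address).
# Names and addresses are hypothetical sample values, not from the article.
KNOWN_CONTACTS = {
    "it service desk": "servicedesk@college.example",
    "jane doe": "jane.doe@college.example",
}

def normalize(name):
    """Lowercase and collapse whitespace so 'Jane  DOE' equals 'jane doe'."""
    return " ".join(name.lower().split())

def classify_sender(raw_message):
    """Compare the From display name with the address behind it.

    'display-spoof': a trusted display name sits on an unexpected address.
    'match':         name and address agree with the directory. This does NOT
                     prove the sender is genuine: a forged From address (the
                     second kind of spoofing described above) also lands here.
    'unknown':       no From header, or the display name is not in the directory.
    """
    msg = message_from_string(raw_message, policy=policy.default)
    from_header = msg["From"]
    if from_header is None or not from_header.addresses:
        return "unknown"
    sender = from_header.addresses[0]
    # policy.default decodes RFC 2047 encoded display names before we compare.
    expected = KNOWN_CONTACTS.get(normalize(sender.display_name or ""))
    if expected is None:
        return "unknown"
    return "match" if sender.addr_spec.lower() == expected else "display-spoof"

# Constructed sample messages; only the From header matters here.
SAMPLES = {
    "genuine": "From: IT Service Desk <servicedesk@college.example>\n\nHi",
    "spoofed": "From: IT Service Desk <helpdesk@freemail.example>\n\nHi",
    "encoded": "From: =?UTF-8?Q?IT_Service_Desk?= <it@freemail.example>\n\nHi",
    "spacing": 'From: "Jane  DOE" <Jane.Doe@College.example>\n\nHi',
    "unlisted": "From: Campus News <news@vendor.example>\n\nHi",
}

if __name__ == "__main__":
    for label, raw in SAMPLES.items():
        print(f"{label:9} -> {classify_sender(raw)}")
```

A `match` result only means the name and address are consistent with each other, so the other tips in the list still apply to such messages.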
More Information About Phishing Attacks
For more information about phishing attacks, including phishing examples and additional tips on safeguarding yourself, see Phishing Messages – Don’t Get Hooked.
Questions or Concerns?
If you have further questions or concerns, send email (no spoofing!) to firstname.lastname@example.org.