Can hackers spoof an email address of your own domain?

Can hackers spoof an email address of your own domain?

Are you aware that one of the first things hackers try is to see if they can spoof the email address of someone in your own domain? If they are able to, penetrating your network is like taking candy from a baby.

Now they can launch a "CEO fraud" spear-phishing attack on your organization, and that type of attack is very hard to defend against, unless your users are highly ‘security awareness’ trained. Once the bad guys know they can spoof any email address, this is the next thing they do:

  • A cybercriminal does a 'deep search' for email addresses of your organization on the Internet.
  • They find all publicly available email addresses of your employees.
  • They use these to launch a phishing attack on as many employees as possible.

Once they have all publicly available email addresses, the fun starts. The more of your email addresses that are floating out there, the bigger your attack footprint is, and the higher the risk is. It’s often a surprise how many addresses are actually out there. Now they can send all employees an email supposedly coming from Human Resources, the CEO or perhaps the mail room, and social engineer your users to click on a link. Would you like to know if hackers can spoof your domain?

Sign Up For Your Free Domain Spoof Test

Find out now if your domain can be spoofed. The Domain Spoof Test (DST) is a one-time free service. You can request to get this DST, so you can address any mail server configuration issues that are found. NOTE: Not everyone is qualified for the DST. It is not for individuals, but only for the person in the organization responsible for email security. We need a valid email address from the domain of your own organization, so Gmail, AOL, Yahoo or any other ISP are not accepted.

  • Sign up for your Free Test

  • This field is for validation purposes and should be left unchanged.