Email Spoofing: Thugs Scam Mumbai-Based Firm For 10 Lakhs 


An Andheri-based company that manufactures refractory glass and purchases raw materials from China was the latest victim of Email spoofing and lost nearly Rs 10 lakh to suspected Chinese scammers.

Andheri police have filed an FIR, and their cyber wing is looking into the complaint filed by Refractory Shapes Pvt Ltd. In its formal complaint, the company said it has purchased raw materials from China for the past 20 years. According to the complainant, Triple H China Limited has been its supplier since August 2020.

How Was This Email Spoofing Carried Out?

Refractory placed an order for 54,000 kg of white tabular alumina worth Rs 32,60,328 on May 10, 2022, and correspondence took place via “official email IDs of both our [export@refshape.com] and the Chinese company [baile@huaomaterial.com].”

“We were supposed to make a 30% advance payment per the agreement, and on May 11, the Chinese company shared their account details in an email communication,” according to the complaint. 

However, Refractory Shapes Pvt Ltd received another email on the same day, this time from a different ID—baile@huaomaterial.com.hanwhas.com. The complaint stated, “We were asked to transfer the advance amount to another account with the Industrial and Commercial Bank of China.” 

The company transferred Rs 9.82 lakh and confirmed the transaction via the same email address. However, after receiving no response, the company contacted the general manager of Triple H China Limited, who informed them that they had not been paid.

Cops in Andheri suspect that someone within Triple H China Limited shared the private communication details with the fraudsters, who then created a nearly identical email address to defraud the Indian company.


What Is Email Spoofing?

Email spoofing is a technique used in phishing and spam attacks to fool users into believing that a message came from someone or something they know or can trust. The sender forges email headers in spoofing attacks so that client software displays the fraudulent sender address, which most users accept at face value. 

Users see the forged sender in a message unless they inspect the header more closely. They are more likely to trust a name they recognize. As a result, they will click on malicious links, open malware attachments, send sensitive information, and even wire corporate funds.

Reasons for Email Spoofing 

  1. Phishing 

The majority of email spoofing attempts result in phishing attacks. A phishing email may appear to be from your bank, employer, or boss, or it may use techniques to coerce information from you, such as posing as a government agency. 

The hacker could steal existing account credentials, install ransomware, or obtain sufficient information to open a new fraudulent account. 

  2. Masking Identity

A spoofed email is completely anonymous. Hackers may use spoofed emails to conceal their identity and gain the user’s trust by appearing to be from a reputable organization or person. 

  3. Avoid Spam Filters

Spoofed emails are used by hackers to avoid email spam filtering. When an email is spoofed, it is unlikely to be detected by spam filters and may appear to be a regular email.

  4. Identity Theft

Many unsuspecting users send personal information and credentials to hackers when the spoofed email appears to be trustworthy. Hackers, for example, may request healthcare information or identity verification.

How does Email Spoofing Work? 

Email spoofing does not compromise the sender’s account. It only makes an email appear to be sent by the sender. The difference is that if a sender’s account is actually hacked, the spoofer may gain access to the sender’s contacts or use the account to spam people, resulting in a drop in email reputation. Email reputation is a factor that influences deliverability. 

Email spoofing attacks are carried out with the help of a Simple Mail Transfer Protocol (SMTP) server and an email platform such as Outlook, Gmail, and others. The scammer modifies message header fields such as the FROM, REPLY-TO, and RETURN-PATH.

This is possible due to the evolution of email. The message headers, which include the TO, FROM, and BCC fields, are separated from the message body. SMTP has no way to authenticate addresses because security was not built in when it was created.

How to identify a spoofed Email?

  • The sender name displayed does not match the email address.
  • The email signature information, such as the phone number, does not match what is known about the sender (e.g., the sender is located in California but the phone number in the sig file has a Massachusetts area code).
  • Look for the RECEIVED line in the email header. It must match the email address displayed in the email.
  • Look for RECEIVED-SPF in the email header. It should read “Pass.” If it says Fail or SoftFail, the email has most likely been spoofed.
  • If the organization employs DKIM and DMARC, the AUTHENTICATION-RESULTS header field will indicate whether the email met the requirements of those protocols.
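
The checks in this list can be run over a raw message automatically. The Python sketch below is an added example, not part of the original article: the message is constructed around the two addresses quoted in the complaint, and its header values, the `triage` function and the finding labels are assumptions made for illustration. The sample is built so that SPF passes for the look-alike domain, which leaves the comparison against the known supplier domain as the check that flags it.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample modelled on the addresses quoted in the article; the
# header values are illustrative, not taken from the real message.
SAMPLE = """\
Received-SPF: pass (sender domain authorised this host)
Authentication-Results: mx.example.net; spf=pass smtp.mailfrom=huaomaterial.com.hanwhas.com; dkim=none; dmarc=none
From: "Triple H China Limited" <baile@huaomaterial.com.hanwhas.com>
Reply-To: baile@huaomaterial.com.hanwhas.com
To: export@refshape.com
Subject: Updated bank details

Please transfer the advance to the account below.
"""

def domain_of(header_value):
    """Return the lower-cased domain of the address in a header value."""
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()

def triage(raw, known_domains):
    """Return a list of findings for one raw message (empty list = clean)."""
    msg = message_from_string(raw)
    findings = []
    sender = domain_of(msg["From"])
    trusted = any(sender == d or sender.endswith("." + d) for d in known_domains)
    if not trusted:
        findings.append("unknown-sender-domain:" + sender)
        # A known name used as the left-hand labels of a different domain.
        for good in sorted(known_domains):
            if sender.startswith(good + "."):
                findings.append("lookalike-of:" + good)
    reply_to = domain_of(msg["Reply-To"])
    if reply_to and reply_to != sender:
        findings.append("reply-to-differs:" + reply_to)
    spf = (msg["Received-SPF"] or "").split()
    spf = spf[0].lower() if spf else "missing"
    if spf != "pass":
        findings.append("spf:" + spf)
    results = msg["Authentication-Results"] or ""
    for method in ("dkim", "dmarc"):
        m = re.search(r"\b%s=(\w+)" % method, results)
        verdict = m.group(1).lower() if m else "missing"
        if verdict != "pass":
            findings.append("%s:%s" % (method, verdict))
    return findings
```
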

How to Guard Against Email Spoofing?

Employ email security protocols 

Domain authentication is used in email security protocols to reduce threats and spam. Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM), and Domain-based Message Authentication, Reporting, and Conformance (DMARC) are the email security protocols in use today.

SPF detects forged sender addresses during the delivery phase, but only in the email’s envelope, which is used when an email is bounced. However, when combined with DMARC authentication, SPF can detect a forged “visible sender,” which is a common phishing and spam technique.
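
The difference between an SPF pass on the envelope and protection of the visible sender can be shown with DMARC's alignment test. The Python sketch below is an added example, not part of the original article: both messages are constructed, the domains are placeholders, and `org_domain` is a simplification (real evaluators use the Public Suffix List). It covers only the SPF leg of DMARC; DKIM alignment is a separate path to a pass.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed messages. Return-Path records the envelope sender that SPF checked.
FORGED = ('Return-Path: <bounce@mailer.example.org>\n'
          'From: "Supplier Sales" <sales@supplier.example>\n'
          'Subject: Invoice\n\nbody\n')
GENUINE = ('Return-Path: <bounces@mail.supplier.example>\n'
           'From: "Supplier Sales" <sales@supplier.example>\n'
           'Subject: Invoice\n\nbody\n')

def org_domain(domain):
    """Simplified organisational domain: the last two labels.
    Assumption: real DMARC evaluators consult the Public Suffix List."""
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])

def addr_domain(value):
    """Return the lower-cased domain of the address in a header value."""
    return parseaddr(value or "")[1].rpartition("@")[2].lower()

def spf_dmarc_view(raw, spf_result, strict=False):
    """Combine an SPF verdict (computed on the envelope sender) with the
    visible From domain, the way DMARC identifier alignment does."""
    msg = message_from_string(raw)
    envelope = addr_domain(msg["Return-Path"])
    visible = addr_domain(msg["From"])
    if strict:
        # Strict alignment: the two domains must be identical.
        aligned = bool(envelope) and envelope == visible
    else:
        # Relaxed alignment: the organisational domains must match.
        aligned = bool(envelope) and org_domain(envelope) == org_domain(visible)
    return {
        "envelope": envelope,
        "visible": visible,
        "spf": spf_result,
        "aligned": aligned,
        # SPF counts towards DMARC only when it passes AND is aligned.
        "dmarc_spf_pass": spf_result == "pass" and aligned,
    }
```

For `FORGED`, SPF can report a pass for `mailer.example.org` while the combined result is still a failure, because the domain SPF checked is not the one the recipient sees in the From line.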

Encrypt Emails 

DKIM employs public and private keys to verify that a sender is who they claim to be. Each SMTP message requires a pair of keys that match a public DNS record, which is verified by the receiving mail server. 

Install an email Security Gateway. 

Email security gateways, also known as Secure Email Gateways, are a group of technologies that work on a network level to block emails that do not comply with security policies.

An email security gateway scans all incoming and outgoing emails and may include features such as malware detection, spam filtering, content filtering, and email archiving. Users are unaffected because these protective actions take place at the network level.

Use an Antimalware Programme. 

Spoofed emails may be detected and blocked by antimalware before they reach their intended recipients’ inboxes. Updating antimalware software is critical because attackers are aware of newly discovered vulnerabilities and act quickly to exploit them.

Conclusion

Tricking people is difficult unless they make it easy. Spoofing attacks are deceptive in nature. You can avoid being duped into a spoofing attempt if you stay alert and cautious while browsing the Internet.

Make sure you have the right tools to protect yourself from cyber-attacks. Keep in mind that attackers can only exploit your devices if you allow them to.