Prevent Email Spoofing


As you may recall from our article in October 2013, scammers and spammers will often try to hack into web mail accounts in order to send out emails from a trusted source; however, another method to accomplish this is called email spoofing. What is email spoofing exactly? Spoofing an email means sending an email with a forged sender address, typically for malicious purposes. These scammers will scour the Internet for any publically available email addresses, usually from online communities and social media, and use them in place of their own address. This is done to mislead the recipient into thinking that the email is from a legitimate source.
If you have received a bounce-back message in your mailbox for an email that you did not send, that is a sign that someone is spoofing your email address.


To prevent this from happening we suggest that any personal email addresses be kept private, and that you never publish your email address on a publically viewable website.
In addition to this, we highly recommend creating an SPF record for your domain. An SPF record is a DNS record that lets email servers know who can officially send emails from a given domain.
This is what a SPF record looks like:

If you wish to create your own SPF record, or simply experiment, Microsoft has created an SPF record creation wizard, located here: