Recent Blogs

How to Protect Your Employees From Email Spoofing

Running a business is extremely difficult and when most people think about owning or managing a business, they’re not even thinking about all the security measures that must be undertaken to just keep the doors open. While email is incredibly beneficial to most businesses, it can also be an area that brings a business to its knees. One term that you need to be sure your employees are aware of is email spoofing. Read on to learn more about this sneaky tactic that can spell disaster for your company.

What is Email Spoofing?

Email spoofing is when the email header is changed to make it appear as if the email originated from someone either internal to your company or someone that you know. Basic email protocols do not require any built-in authentication, which makes it possible for hackers to trick the recipient into trusting the origin of the email.

How to Protect Your Company from Email Spoofing?

There are a number of steps that your organization can take to protect yourself and your employees from email spoofing, a few of which include:


It’s critical that your employees understand what email spoofing is and how to spot emails that are coming from unreliable sources. You can show employees how to take a quick look at an email header to spot issues with the authenticity of an email sender.

Add Authentication

There are a number of authentication methods that have been developed specifically to offer authentication for incoming messages. These authentication methods often must be installed by your IT provider, but they can help to reduce the risk of email spoofing. The most popular methods include:

  • SPF (Sender Policy Framework) – This authentication method checks whether a certain IP address is authorized to send from a domain.
  • DKIM (Domain Key Identified Mail) – DKIM uses a pair of cryptographic keys which sign all outgoing messages and also validate any incoming messages.
  • DMARC (Domain-Based Message Authentication, Reporting and Conformance) – This authentication allows the sender to let the recipient know whether its emails are protected using SPF or DKIM. This method of authentication is relatively new and is therefore not yet widely used.
Tag External Emails

Tagging external emails will provide a visual warning to your employees. There are a few ways to do this but the most popular are below.

Subject Line Warning

Appending a tag that looks like this, [EXTERNAL], to email subject lines for messages received from external users. This tag will immediately inform employees that this email was received from outside the organization.

Email Body

Appending a message like the following, “CAUTION: This email originated from outside of the of the organization.” within the email body above the message text. See the image below for a visual representation of what this would look like within the body of an email.

Reach Out to Unified Network Group to Boost Your Company’s Email Security 

As you can see, protecting against email spoofing can be quite complex. If you need some assistance to determine whether you’re adequately protecting yourself and your employees from spoofing and other cyber-attacks, do yourself a favor and give the team at Unified Network Group a call today. We can be reached by phone at 864-278-0202 or feel free to send us an email using our online contact form.