HOW DOES AN EMAIL SPOOFING ATTACK WORK :-
Email spoofing is the creation of email messages with a forged sender address: the sender forges (spoofs) the From address in the email header so that the message appears to have been sent from a legitimate email address. "Email spoofing is possible because the Simple Mail Transfer Protocol (SMTP) does not provide a mechanism for address authentication."

Contrary to what some non-technical users may believe, email spoofing isn't black magic, and it's not some hugely complicated task. It's actually a very simple process that involves making email headers look like they're coming from one person or organization when they're really coming from another.

The easiest way to spoof mail is for the attacker to find a mail server with an open SMTP (Simple Mail Transfer Protocol) port. SMTP lacks any authentication, so poorly configured servers have no protection against prospective cyber criminals. There is also nothing stopping determined attackers from setting up their own email servers. This is very common in cases of CEO/CFO fraud: attackers register domains that are easily confused with the domain of the company they are impersonating, and the email originates from those domains, e.g. "@exarnple.com" instead of "@example.com". Depending on the formatting of the email, it might be extremely difficult for a regular user to notice the difference.

Although email spoofing is effective in forging an email address, the IP address of the computer sending the mail can generally be identified from the "Received:" line in the email header. Frequently that computer belongs to an innocent third party that has been infected by malware, which hijacks the system and sends emails without the owner even realizing it.
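The following Python is an added example, not part of the original page: it parses a constructed message, flags a From domain that is a lookalike of a trusted one (the "@exarnple.com" case above), and pulls the sending IP from the earliest "Received:" line. The trusted-domain list, the confusable-sequence table, the function names and the sample message are assumptions made for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample message; addresses are documentation ranges, not real traffic.
SAMPLE = """\
Received: from mx.recipient.test (mx.recipient.test [192.0.2.10])
    by mail.recipient.test; Mon, 1 Jan 2024 10:00:02 +0000
Received: from unknown (unknown [203.0.113.7])
    by mx.recipient.test; Mon, 1 Jan 2024 10:00:01 +0000
From: "Chief Executive" <ceo@exarnple.com>
To: finance@example.com
Subject: Urgent wire transfer

Please process today.
"""

TRUSTED = {"example.com"}  # assumption: domains the organisation really uses
# Assumption: small illustrative table of character sequences that read alike.
CONFUSABLES = (("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"))

def skeleton(domain):
    """Collapse look-alike sequences so 'exarnple.com' and 'example.com' match."""
    domain = domain.lower()
    for seq, repl in CONFUSABLES:
        domain = domain.replace(seq, repl)
    return domain

def classify_from(msg):
    """Return (domain, verdict) for the From header; From alone is forgeable."""
    domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    if domain in TRUSTED:
        return domain, "trusted-domain"
    if any(skeleton(domain) == skeleton(t) for t in TRUSTED):
        return domain, "lookalike"
    return domain, "external"

def received_ips(msg):
    """Bracketed IPv4 addresses from Received: lines, newest hop first."""
    hits = (re.search(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]", h)
            for h in msg.get_all("Received", []))
    return [m.group(1) for m in hits if m]

def triage(raw):
    msg = message_from_string(raw)
    domain, verdict = classify_from(msg)
    ips = received_ips(msg)
    return {"from_domain": domain, "verdict": verdict,
            "earliest_hop_ip": ips[-1] if ips else None}
```

Only the "Received:" lines written by your own mail servers are reliable; lines below them are supplied by the sender and can be forged like any other header.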