Email "(Electronic Mail)" is the exchange of computer-stored messages by telecommunication. Email messages are usually encoded in American Standard Code for Information Interchange (ASCII) text. However, you can also send nontext files -- such as graphic images and sound files -- as attachments sent in binary streams.
Today's email systems are based on a store-and-forward model. Email servers accept, forward, deliver, and store messages. Neither the users nor their computers are required to be online simultaneously; they need to connect, typically to a "Mail Server" or a "Webmail Interface" to send or receive messages or download it.Email is one of the protocols included with the Transport Control Protocol/Internet Protocol (TCP/IP) suite of protocols. A popular protocol for sending email is Simple Mail Transfer Protocol (SMTP), and a popular protocol for receiving it is Post Office Protocol 3 (POP3). Email was one of the first activities performed over the internet and is still the most popular use. A large percentage of the total traffic over the internet is email. Email can also be exchanged between online service provider users and in networks other than the internet, both public and private.
Email spoofing is the fabrication of an email header in the hopes of duping the recipient into thinking the email originated from someone or somewhere other than the intended source. Because core email protocols do not have a built-in method of authentication, it is commonplace for spam and phishing emails to use said spoofing to trick the recipient into trusting the origin of the message.
The ultimate goal of email spoofing is to get recipients to open, and possibly even respond to, a solicitation. Although the spoofed messages are usually just a nuisance requiring little action besides removal, the more malicious varieties can cause significant problems, and sometimes pose a real security threat.
As an example, a spoofed email may purport to be from a well-known retail business, asking the recipient to provide personal information like a password or credit card number. The fake email might even ask the recipient to click on a link offering a limited time deal, which is actually just a link to download and install malware on the recipient's device.
One type of phishing – used in business email compromise – involves spoofing emails from the CEO or CFO of a company who works with suppliers in foreign countries, requesting that wire transfers to the supplier be sent to a different payment location.
Although most well-known for Phishing P urposes. Yet, there are actually several more reasons for spoofing sender addresses.
Hiding the sender’s true identity
though if this is the only goal, it can be achieved more easily by registering anonymous mail addresses.
Avoiding spam blacklists
If a sender is spamming, they are bound to be blacklisted quickly. A simple solution to this problem is to switch email addresses.
Pretending to be someone the recipient knows,
in order to, for example, ask for sensitive information or access to personal assets.
Sending messages in someone’s name can also be used to commit identity theft, for example, by requesting information from the victims financial or healthcare accounts.
Using Email Spoofing as of in phishing, Hacker's goal could be to get their targeted victims to:
Provide personal or financial information;
Turn over intellectual property and other proprietary information or data;
Perform a wire transfer or another electronic transfer of funds;
Provide login information or other user credentials;
Download a file from an email that contains Malicious software; and/or
Click on a malicious link.