Display Name Spoofing
by Kapua Iao
Display name spoofing is a targeted phishing attack where an email’s display name is altered to make a message look like it comes from a trusted source.
The goal depends on the cybercriminal’s need: information, money, or maybe sabotage.
How display name spoofing works
The display (or visible) name of an email lets you know who the sender is.
Nowadays, changing the display name is simple through free email service providers such as Yahoo or Google.
Anyone can easily take any name, which is probably why display name spoofing is more common than email address or domain spoofing.
SEE RELATED: Email Spoofing 101: How to Avoid Becoming a Victim
This is particularly true with the proliferation of smart devices that utilize email apps defaulted to show only the display name, making such deception easier.
Once a counterfeit account is set up, a cyber attacker can send an email to a victim (or several victims).
Display name spoofing only works, however, if the fake name is recognizable by the receiver—someone from the government to a boss to a best friend.
The forged person needs to be someone the victim is likely to engage with more.
Something a cybercriminal can easily figure out through social engineering.
The aim of display name spoofing is to get a victim to divulge personal and/or business information for sabotage or money.
And less likely today, to open an attachment or follow a link, and subsequently download malware.
Whatever the reason, display name spoofing can be an unfortunate simple trick if a victim is unknowledgeable.
How you avoid becoming a victim
Know the who, what, where, when, and why of every email you receive.
- Never click blindly on an attachment/link.
- Beware messages that seem too good to be true or too urgent.
- Hover over the display name to see the sender’s email address.
- Check not only the email address but all email header information.
- If using a mobile device and unsure of a message, open it on a computer as well.
- If suspicious of an email, contact the sender another way.
The second step is to combine this awareness with a solid security system.
Healthcare organizations, for example, require HIPAA compliant email to protect employees and patients from cyber fraud.
Paubox Inbound Security delivers HIPAA compliancy with added safeguards against phishing, spam, and ransomware, as well as such features as ExecProtect, which identifies and quarantines display name spoofs.
Investing time and energy learning about cybercrimes and security services is good business.
Recognizing and blocking malicious emails, along with strong cybersecurity, is crucial in keeping an organization safe.