Display name spoofing

Featured image

Share this article

hacker ready to use a spoofing attack

Definition

Display name spoofing is a targeted phishing attack where an email’s display name is altered to make a message look like it comes from a trusted source.

The goal depends on the cybercriminal’s need: information, money, or maybe sabotage.

How display name spoofing works

The display (or visible) name of an email lets you know who the sender is.

Nowadays, changing the display name is simple through free email service providers such as Yahoo or Google.

Anyone can easily take any name, which is probably why display name spoofing is more common than email address or domain spoofing.

SEE RELATED: Executive Protection for Display Name Spoofing

This is particularly true with the proliferation of smart devices that utilize email apps defaulted to show only the display name, making such deception easier.

Once a counterfeit account is set up, a cyber attacker can send an email to a victim (or several victims).

Display name spoofing only works, however, if the fake name is recognizable by the receiver—someone from the government to a boss to a best friend.

The forged person needs to be someone the victim is likely to engage with more.

Something a cybercriminal can easily figure out through social engineering.

The aim of display name spoofing is to get a victim to divulge personal and/or business information for sabotage or money.

RELATED: Report Reveals Business Email Compromise Techniques, Success

And less likely today, to open an attachment or follow a link, and subsequently download malware.

Whatever the reason, display name spoofing can be an unfortunate simple trick if a victim is unknowledgeable.

How you avoid becoming a victim

The first step to not being a victim is awareness, and for organizations, employee awareness training.

Know the who, what, where, when, and why of every email you receive.

  1. Never click blindly on an attachment/link.
  2. Beware messages that seem too good to be true or too urgent.
  3. Hover over the display name to see the sender’s email address.
  4. Check not only the email address but all email header information.
  5. If using a mobile device and unsure of a message, open it on a computer as well.
  6. If suspicious of an email, contact the sender another way.

The second step is to combine this awareness with a solid security system.

Healthcare organizations, for example, require HIPAA compliant email to protect employees and patients from cyber fraud.

Paubox Email Suite Plus delivers HIPAA compliancy with added safeguards against phishing, spam, and ransomware, as well as such features as ExecProtect, which identifies and quarantines display name spoofs.

Investing time and energy learning about cybercrimes and security services is good business.

Recognizing and blocking malicious emails, along with strong cybersecurity, is crucial in keeping an organization safe.

Try Paubox Email Suite for FREE today.
Author Photo

About the author

Kapua Iao

Read more by Kapua Iao

Get started with
end-to-end protection

Bolster your organization’s security with healthcare’s most trusted HIPAA compliant email solution

The #1-rated email encryption 
and security software on G2

G2 Badge: Email Encryption Leader Fall 2022
G2 Badge: Security Best Usability Fall 2022
G2 Badge: Encryption Momentum Leader Fall 2022
G2 Badge: Security Best Relationship Fall 2022
G2 Badge: Security Users Most Likely to Recommend Fall 2022
G2 Badge: Email Gateway Best Relationship Fall 2022
G2 Badge: Email Gateway Best Meets Requirements Fall 2022
G2 Badge - Users Most Likely to Recommend Summer 2022
G2 Badge: Email Gateway Best Results Fall 2022
G2 Badge: Email Gateway Best Usability Fall 2022
G2 Badge: Email Gateway Best Support Fall 2022
G2 Badge: Email Gateway Easiest To Use Fall 2022
G2 Badge: Email Gateway Easiest Setup Fall 2022
G2 Badge: Email Gateway Easiest Admin Fall 2022
G2 Badge: Email Gateway Easiest to do Business with Fall 2022
G2 Badge: Email Gateway Highest User Adoption 2022
G2 Badge: Email Gateway High Performer Fall 2022
G2 Badge: Email Gateway Momentum Leader Fall 2022
G2 Badge: Email Gateway Most Implementable Fall 2022
G2 Badge: Email Gateway Users Most Likely to Recommend Fall 2022