A Countermeasure Technique for Email Spoofing

Email spoofing is a technique used by hackers to hide their identities which plays a major role in phishing which poses to be an authentic or legitimate user. Phishing attacks use spoofed emails and fraudulent websites designed to fool recipients into divulging personal financial data such as credit card numbers, account usernames and passwords, social security numbers, etc. Major of inbound email threats such as spam, viruses, phishing and most email denial-of-service attacks can all be traced back to a single common cause – lack of authentication in the email protocol SMTP. Hence this shortcoming has to be addressed with great deal of effort which when un-attempted causes severe consequences. In recent years lot of research has been done in this direction but focus on informing the users whose email address is used for spoofing was given least or almost no priority. At present scenario somehow only the receiver comes to know that the email received is fake but users whose email address is used to spoof the email do not come to know about the incident unless and until receiver suspect the mail and cross examine it with the sender manually. In this paper we are discussing the technique which can detect and inform the individual whose email address has been used for spoofing the email. It will help the innocent users to take a counter measures.

Keywords: E-Mail Spoofing, E-Mail Authentication, SMTP (Simple Mail Transfer Protocol), DKIM (Domain Keys Identified Mail), SPF( Sender Policy Framework ), MTA (Message Transfer Agent),Mail Submission Agent (MSA), or Mail User Agent (MUA).