white text horizontal stm logo

Our Blog

pexels mikhail nilov 6963099
April 15, 2023

E-mail Phishing & Domain Spoofing

In today's digital age, email has become an essential part of our daily lives. We use it to communicate with friends, family, and colleagues, and even to conduct business. Unfortunately, email has also become a prime target for scammers, who use a technique called phishing to steal sensitive information from unsuspecting victims. In this blog post, we'll explore what email phishing scams are and how domain spoofing is used to trick people into giving away their personal information.

What is Email Phishing?

Phishing is a type of cyber attack that uses email as a means of stealing personal information, such as passwords, bank account numbers, and credit card details. The attackers usually send out an email that appears to come from a reputable company or organization, such as a bank or online retailer. The email will typically contain a message that urges the recipient to click on a link or open an attachment, which will then take them to a fake website or download malware onto their computer.

Phishing emails can be very convincing, and many people have fallen victim to them. In fact, according to a report by the Anti-Phishing Working Group, there were more than 220,000 phishing attacks reported in the first quarter of 2021 alone.

What is Domain Spoofing?

One of the ways that scammers make their phishing emails appear more legitimate is by using a technique called domain spoofing. This involves creating a fake email address that looks similar to the real email address of the company or organization they are impersonating.

For example, let's say you receive an email from what appears to be your bank, with an email address that reads something like this: info@mybank-login.com. At first glance, the email address may look legitimate, but in reality, it's a fake address created by scammers to trick you into clicking on a link or providing your personal information.

How to Protect Yourself from Email Phishing Scams and Domain Spoofing

Protecting yourself from email phishing scams and domain spoofing requires a combination of vigilance and caution. Here are some tips to keep in mind:

  1. Be suspicious of unsolicited emails. If you receive an email from someone you don't know or a company you haven't dealt with before, be wary.
  2. Check the sender's email address. Look closely at the sender's email address to make sure it's legitimate. If it looks suspicious or unfamiliar, don't open the email or click on any links.
  3. Hover over links to check their destination. If an email contains a link, hover your mouse over it to see where it leads. If it's a fake link, it will usually take you to a different website than the one it claims to be.
  4. Don't provide personal information. Never provide personal information, such as your password or credit card details, in an email.
  5. Use anti-phishing software. Many anti-virus and security software programs offer anti-phishing protection. Consider using one of these programs to help protect your computer and personal information.


Email phishing scams and domain spoofing are serious threats to your personal and financial security. By being aware of these threats and taking steps to protect yourself, you can minimize your risk of becoming a victim. Always be cautious when opening emails, and never provide personal information unless you're sure the request is legitimate. Stay safe online, and don't let scammers take advantage of you.

Recent Posts


white text horizontal stm logo250
We proudly acknowledge that we conduct business on the unceded territory of the Haisla Nation.
© 2022 Spruce Tree Media Ltd. All Rights Reserved.
menu linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram