If someone ever impersonates you via email, you may stop receiving legitimate email messages too. Computers belonging to people who received a fake email message may automatically send all new messages to the phony address instead of yours. Senders don’t realize what is happening, and you stop receiving essential email messages.
Consider Nick. One day, one of his friends notified him that they received an email message that appeared to be from Nick saying he was in a predicament and wants them to send money. Of course, Nick did not send the message. Someone is impersonating him! The recipient was aware enough to realize the request for payment was counterfeit.
Then, the unexpected happened. Some of Nick’s business associates, customers, and friends complained, “Hey Nick – Why haven’t you replied to that email message I sent you last week?” His associate named Tony felt snubbed because Nick stopped replying to his messages. Nick had no idea Tony was sending messages because Nick never received any of them.
The cause of this problem is that, unbeknownst to most people, when a bad actor sent the fake email with a made up email address, the recipient’s computer stores the phony email address to be used in the future to auto-fill the “To:” address field.
Check your computer. When you start to compose an email message and begin typing the name of the person to whom you are sending the message, does their name show up automatically on a list before you finish typing?
A bad actor might have impersonated you by spoofing your email address with a fake one: Nick Stark <Nich0las @yahoo.com>. But your real email address may be Nick Stark <NStark @yourcompany.com>. While your name is the same, the addresses are different.
From now on, when someone sends an email to you, their address book will auto-fill “Nick Stark” as they type your name into the “To” box in the email message. Unless they pay special attention, their email program may send the email message to the fraudulent email address. You will not receive the email, and the sender expects that you will.
One way you can solve this is to alert people that, when they send you an email message, to verify that, as they fill in your name as the recipient, the email address that shows up is Nstark @yourcompany.com. If they see your name with the wrong email address in their auto-fill list, they should click the option to delete the record with the fake address.
If you have ever been the victim of spoofed email messages sent in your name, you should notify your contacts. If people complain that you do not receive email messages they send you, you should advise your contacts as well.
The auto-fill feature is helpful when sending email messages, but it can come back to bite you if an attacker ever impersonates you in an email message.
Send this message to your friends, especially if anyone ever fakes their email address, so they can help ensure that they receive legitimate email messages.