Display name spoofing

 

Display name spoofing is a targeted phishing attack where an email’s display name is altered to make a message look like it comes from a trusted source.

The goal depends on the cybercriminal’s need: information, money, or maybe sabotage.

 

How display name spoofing works

 

The display (or visible) name of an email lets you know who the sender is. Nowadays, changing the display name is simple through free email service providers such as Yahoo or Google. Anyone can easily take any name, which is probably why display name spoofing is more common than email address or domain spoofing.

 

 

In above picture, by seeing display name it seems it's from American Express but when you see sender domain it's americanexpress-supportcenter.ml that's spoofed domain. So here display name and domain name both has been spoofed. So instead of reply or opening attachments report it as phishing.

Contact Our Team

If you still can't find an answer to what you're looking for, or you have a specific question, open a new ticket and we'd be happy to help!

Contact Us