Email becomes more and more important and essential in the business world. It’s a great way to communicate with both external customers and internal colleagues. Many deals won’t be closed without emails.
Most of common people trust the email based on the display sender shown by email client. But does it really come from the claim sender? For example, is below email sent from your company’s “IT Services” marked in red rectangle? Will you follow the instructions and click the link?
Email Spoofing, Forged Email, Business Email Compromise (BEC), etc, you may be not familiar with these security terms, but they are used to fool you on who sent the email. If you are an expert on email security, you can get some clues from email header and won’t be fooled based on experience. But for most of common people, they can’t. Then you should rely on ingenious tools.
With Mr. Post, it’s easy to unveil the “Real Sender”. It will display the “Real Sender” in result pane marked by blue rectangle in below snapshot.
Now you have “Display Sender” and “Real Sender”. You should pay more attention when they don’t match.
However, there is another scenario which will also cause these two “Senders” don’t matched: Marketing Email. Some businesses will use 3rd party services to spread marketing emails, in this case, the 3rd party services will send the email on behalf of original senders. So you can find that the “Real Sender” will belong to 3rd party services which doesn’t match with “Display Sender”.
Don’t click any link when two “Sender” don’t match is always a conservative but secure suggestion to resist cyber attack.
Further more, there will be another question raised in your mind: Will the “Real Sender” also be forged by bad guys? Please visit this post for more details.