What is spoofing?
Spoofing is the act of impersonating your own domain when sending emails, i.e., the "yourorg.com" part of your email address after the @ sign.
Hackers will often "spoof" your domain when sending malicious emails in order to add authenticity to their emails, convincing potential victims to click/follow their instructions.
What does the domain spoofing test do?
Our Domain Spoofing Test is designed to show you whether or not a spoofed email can make it into your inbox (and therefore, into the inbox of any of your users), or whether it is successfully caught in your perimeter protection system.
Knowing this information allows you to make the necessary changes to your security systems in order to block spoofed emails.
How to use the Domain Spoofing Test
To use the Domain Spoofing Test, follow these three simple steps:
- Visit https://www.phishingtackle.com/domain-spoofing-test/
- Enter your details into the test form
  - Only use a business address. Do not use a public email address, such as Gmail, Live.co.uk etc. These will be automatically ignored.
- Hit Try and spoof me
We then create a simple, non-malicious email using your own domain, and send this to the address you entered.
How do I know if I passed or failed the test?
You passed if...
If the email lands in your Junk/Spam folders then you are most likely safe. You may also receive a non-delivery report if you have measures in place to protect against domain spoofing.
You failed if...
If the email arrives in your Inbox, then your domain can easily be spoofed and you are at a significantly elevated risk of being hacked.
What do I do if I fail a Domain Spoofing Test?
If you did fail the test, Sender Policy Framework (SPF) records can be added to your DNS which will reduce your susceptibility to being spoofed.
What is SPF?
A Sender Policy Framework (SPF) record is a type of Domain Name System (DNS) TXT record that identifies which mail servers are permitted to send email on behalf of your domain. The purpose of an SPF record is to detect and prevent malicious actors from sending messages with spoofed "From" addresses on your domain.
How do I add an SPF record?
Although the end result is much the same, adding SPF rules differs between DNS providers. It also differs for users of Microsoft Exchange/Office 365, as Microsoft uses an implementation of their own called "Sender ID".
Below you'll find both generalised and brand-specific guides:
General SPF instructions
General instructions on creating and modifying SPF records can be found here.
You will also want to check that your SPF rules are working correctly; a great SPF validation tool is here.
Microsoft-specific (Sender ID)
- Exchange 2003:
  http://techgenix.com/configuring-enabling-sender-id-filtering-exchange-2003-sp2/
- Exchange 2007:
  https://technet.microsoft.com/en-us/library/bb123557(v=exchg.80).aspx
  https://exchangepedia.com/2008/09/how-to-prevent-annoying-spam-from-your-own-domain.html
- Exchange 2010 & 2013:
  https://technet.microsoft.com/en-us/library/bb125259.aspx
  https://technet.microsoft.com/en-us/library/aa996295(v=exchg.150).aspx
- Exchange 2016, 2019 & Microsoft 365 (formerly Office 365):
  https://docs.microsoft.com/en-us/Exchange/antispam-and-antimalware/antispam-protection/sender-id?view=exchserver-2016
Google Apps/G Suite
- Implementing SPF:
  https://support.google.com/a/answer/33786?hl=en
- Enforcing IP locks:
  https://support.google.com/a/answer/6047998?hl=en