Exact Display Name Impersonation
Display name deception is the most common form of email spoofing and is often successful because many email clients (especially on mobile devices) show only the display name. With this kind of attack, criminals can insert the identity of a trusted individual (such as the name of an executive at the targeted company) or a trusted brand (such as the name of the bank used by the targeted individual) into the display name. Since common consumer mailbox services, such as Gmail and Yahoo, allow a user to specify any value in the display name, this type of attack is simple and cheap to stage from such a service. For example:
- David Smith <david.smith@google.com>
- David Smith <david.smith@yahoo.com>
When an email is confirmed as dangerous by our Visible-IR (Incident Response) Team, the following banners may appear at the top of the email. In addition to this banner the email may be moved to either your Junk or Deleted email folder depending on the threat detected