You know your email has been spoofed when you receive a fake email (spoofed email) from spammer, it might contain a link to spoofed website which can be of online-banking service. The false website appears to be similar like the original one and prompts for account login details (the username and password). When you enter he information, an error like "Website is Unavailable" will be reverted and during this course of time, the spammer will dishonestly steal the confidential information for illegal profits.
"An email over the internet is easy to spoof and trusting it without any strong security enhancements like Digital Signature is not a good idea. For example: An email exchanged over internet hosts uses a protocol that is a combination of simple ASCII character commands.
Using Telnet, these commands can help to connect with SMTP port of the system. This way, the receiving host trusts the sending host and the hacker easily changes its original address to a targeted address!"
Fake email reflects a particular behavior that normal messages don't. Here are some of the ways that can help to identify if an email is legitimate or it is an address spoofing by spammers:
Over the time, number of methods have been developed in order to detect or track a spoofed email. SPF, DKIM, Sender ID, and DMARC are few of them.
Sender Framework Policy (SPF) is an anti-spam technique where a fake email is identified against are forging (changes in header components). Nowadays, most of the abusive messages use a fake sender address. This not only diminishes the reputation of the victim whose address is used as the sender but also wastes his time from getting the IP from the blacklist.
SPF in an internet header gives a hint about the spam email forgery of its way to target mailbox while traversing different MTAs. SPF for a domain help administrators to define as which hosts can send a mail through it by creating SPF records in the Domain Name System. When en email exchanges between two hosts, the SPF checks out if the message is being sent by host sanctioned under the domain.