All Con, All the Way Down: Bad Guys Spoof Phishing Link Hover Texts
At the heart of almost every phishing email is a spoof. In malicious emails spoofing is the art of deceptively imitating something or someone trusted by users in order to gain their confidence. And malicious actors incorporate this element of deception into everything they do for the purposes of social engineering unwitting users into taking dangerous actions — usually clicking malicious links, opening malicious attachments, or providing access to money and information under false pretenses.Your basic email provides bad actors with a number of opportunities to generate trust with users through spoofing. They spoof sender names and email addresses. They spoof trusted online brands like Microsoft, Google, and Docusign through email design and formatting. They even spoof the existence of email attachments through fake graphics designed to disguise links to external web sites.