Email Impersonation
Email impersonation is a type of cyberattack in which someone sends an email that appears to come from a trusted source, such as a colleague, boss, vendor, or company, in order to trick the recipient into taking an action, such as clicking a malicious link, downloading an attachment, or transferring money or sensitive data. The same scam is also very common as SMS text messages sent directly to your phone. The identity information needed to set up the scam is very often taken from LinkedIn and other public social media. For example, you post news of your new job on LinkedIn, and scammers use that information to craft an impersonation email or text claiming to be from your new boss (whose details are also taken from LinkedIn). All of this can happen at lightning speed, often within 24 hours of your LinkedIn post.
Beware of Email Impersonation Scams
Email impersonation is a deceptive cyberattack where a scammer sends a message that appears to come from a trusted source—such as a manager, coworker, vendor, or company executive—in an attempt to trick the recipient into taking harmful action. These scams often aim to steal sensitive information, install malware, or convince the victim to transfer money or purchase items. Variations of these attacks are also widespread via SMS/text messages sent directly to your phone.
Many of these scams rely on information pulled from public sources like LinkedIn or other social media platforms. For example, if you post about starting a new job, a scammer might act quickly—often within hours—to craft a message impersonating your new boss using details from your profile and theirs.
Common Forms of Email Impersonation
- Display Name Spoofing
In this type of attack, the scammer sets the sender's display name to someone familiar, such as your boss or a colleague, but the actual email address belongs to the attacker. Example: the message may appear to come from “Jane Smith” but is actually sent from an address like fakeemail@scammer.com. Since most email programs (especially on phones) show only the name by default, this can easily fool recipients. These scams frequently involve urgent requests to purchase e-gift cards, asking victims to reply with the card codes. The email usually comes from a free, generic domain like @gmail.com instead of a legitimate company domain.
- Domain Spoofing & Lookalike Domains
More advanced scammers manipulate email headers or register domains that look similar to real ones, such as cornpany.com (the letters r and n in place of m) instead of company.com. This type of attack is often used in Business Email Compromise (BEC) schemes, where the goal is to reroute financial transactions or gain access to confidential data.
How to Protect Yourself
These attacks can be difficult to detect and block entirely, so awareness is your best defense:
- Verify any unexpected request. If you receive a message asking for sensitive information, financial transactions, or gift card purchases, pause and verify. Contact the person directly using their verified company phone number or internal communication platform.
- Watch for urgency. Scammers rely on pressure and urgency to force quick decisions. Don’t rush—S-L-O-W down and think critically.
- Check the sender’s full email address. Don’t rely on just the display name.
- Be cautious with new contacts. Especially after a job change or new public-facing role, be vigilant about unsolicited messages.
Common Types of Attacks Involving Impersonation:
- Phishing
- Business Email Compromise (BEC)
- CEO Fraud
By staying informed and cautious, you can avoid falling for these sophisticated impersonation scams. When in doubt, always double-check before taking action.