The reason this works is that SMTP has no way to authenticate the sender's email address, allowing the hacker to forge the email header, specifically the FROM, REPLY-TO, and RETURN-PATH fields.
By display name
This type of attack exploits the Transmission Control Protocol (TCP) handshake process. In this, the hacker first opens a new email account (typically Gmail) with the same name as the person or brand they want to impersonate.
For example, you might receive an email from Elon Musk that looks like this:
Email spoofing by display name
Of course, if you think Elon Musk hires people by randomly sending emails, then you may be very naive. But this tactic works for a number of reasons.
Specifically:
It came from a legitimate email address. This is simply a Gmail account I created in less than a minute and used to send an email in the name of “Elon Musk” to another one of my accounts to demonstrate how easy it is. As a result, the email did not go to the spam folder, but directly to the inbox.
Exploits the email user interface. Since the user interface only shows the display name and not the sender's actual email address or its metadata, along with the subject line and part of the message, anyone can impersonate someone like Elon Musk this way.
Using similar domains
Of course, anyone can create a Gmail account, but most businesses use a custom email domain.
For example, let's say a business uses the domain @business.co.
All the attacker has to do is create a lookalike domain, such as @bvsness.co, and by changing just one character, make their email look exactly like it's coming from a legitimate brand (to an untrained eye).
There are three ways an email can be spoofed
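As an added example that is not part of the original post, the following Python check flags the two tricks described above, display-name impersonation and lookalike domains, and also compares the FROM, REPLY-TO and RETURN-PATH domains. The trusted domain, protected name, distance threshold and sample messages are assumptions constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

# Assumed policy values for this example, not taken from any real deployment.
TRUSTED_DOMAINS = {"business.co"}
PROTECTED_NAMES = {"elon musk"}
MAX_DISTANCE = 2  # "bvsness.co" is two edits away from "business.co"

def edit_distance(a, b):
    """Levenshtein distance between two strings, computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def domain_of(header_value):
    """Lower-cased domain of the address in a header value, or '' if absent."""
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()

def spoofing_findings(raw_message):
    """Return the spoofing indicators found in one raw RFC 5322 message."""
    msg = message_from_string(raw_message)
    name = parseaddr(msg.get("From", ""))[0].strip().lower()
    from_domain = domain_of(msg.get("From"))
    trusted = from_domain in TRUSTED_DOMAINS
    findings = []
    if name in PROTECTED_NAMES and not trusted:
        findings.append("display-name")
    if not trusted and any(edit_distance(from_domain, t) <= MAX_DISTANCE for t in TRUSTED_DOMAINS):
        findings.append("lookalike-domain")
    for header in ("Reply-To", "Return-Path"):
        other = domain_of(msg.get(header))
        if other and other != from_domain:
            findings.append(header.lower() + "-mismatch")
    return findings

SAMPLES = {  # constructed sample messages; only the headers matter here
    "display": 'From: "Elon Musk" <hiring.desk@gmail.com>\nSubject: Job offer\n\nHi',
    "lookalike": "From: Accounts <billing@bvsness.co>\nSubject: Invoice\n\nHi",
    "reply_to": "From: Support <support@business.co>\nReply-To: help@mailbox.example\n"
                "Return-Path: <support@business.co>\n\nHi",
    "clean": "From: Support <support@business.co>\nSubject: Receipt\n\nHi",
}

if __name__ == "__main__":
    for label, raw in SAMPLES.items():
        print(label, spoofing_findings(raw))
```

RETURN-PATH often differs legitimately when mail is sent through a third-party service, so treat that finding as a signal to weigh rather than a verdict.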