Distributors
navigation
Home

Products

Aberdeen Foam
AFFFs
Alcohol Resistant AFFFs
Airport Foams - ICAO Levels B
Fluorine Free Foams (F3)
Class A Foams
High Expansion Foam
Training Foams
Induction System Calibration
Foam Seal Oil
Vapour Suppression
Angus Fire
Fluorine Free Foams
Class A Foam
High Expansion Foams
Training Foam Concentrates
Foam Testing
Foam Concentrate Testing
Produced Foam Testing
IMO Foam Testing
PFAS TOP Assay Testing
Foam Test Kits
Test Kit Training
NFPA 11 Foam Collection Equpment
C6 Compliant
News
REACH publishes new PFHxA Restriction update
RSC PFAS Decision Tree
Updates on PFAS in use and in the environment
Not all C6 AFFFs are the same!
International Firefighting Foam PFAS bans
US Federal Air Administration Admits No Fluorine Free Foams meet Milspec
Restriction on the use of AFFF-C6 offshore
News article: "The price of safety"
Understanding why Fire Fighting Foams can Fail
Introducing our new Worldwide Testing Service!
Introducing - Foam Seal Oil
New - Induction Foam!
EU New Regulation: EU 2017/1000
A Hi-Ex Explosion!
Archive
About Us
Knowledge Base
C6 Compliant
International Standards
Fluorine Free Foams
Foam Compatibility
Sales Sheets & Brochures
Videos
Glossary
FAQs
Useful Links
Contact Us
Translations
spoofing

Email spoofing

Unfortunately, it has come to our attention that some customers have been sent emails that appear to be from someone from within Oil Technics, but are actually being sent from someone outside the Company. These people have no affiliation with us and are using a practice called Email Spoofing.

Our IT Support Company has advised us that currently within the UK they are seeing a spate of Email Spoof & Cyber Crime attempts.  We want to help advise you on what to look out for and how you can protect yourself from possible email scams - please see below, or click on the handy links provided to navigate this page quicker:

What is email spoofing

What is the aim of spoofing

How to protect yourself from spoofing

How to protect yourself when Transferring Funds

File-Sharing Sites

What to do if you think you have received a spoofing email

Want to know more?

What is email spoofing?

Email spoofing is an old but very common trick used by cyber criminals.  Spoofing is when an email is made to look as though it’s coming from a certain person, but is actually being sent from somebody completely different from outside of the company – usually not somebody friendly!

The process is very rarely an individual sitting at a computer trying to impersonate people, but rather some code which uses scripts, robots, metatags etc. to pull information from websites.  With the increase in social media,  it is not hard to pretend to be someone else and unfortunately email spoofing is relatively easy to do and is part of the reason why phishing attacks are so prevalent.  It is a problem that affects both large multi-national companies and small organisations alike.

back to top

What is the aim of spoofing?

The aim of spoofing is to get the email recipients to act in the same way they would normally do when opening an email from someone they trust i.e. to click on links etc.  Normally the end goal of an email spoof is to attempt to get money out of the recipient, or infect their computer. 

Spoofing emails will often:

  • Contain links to an infected website
  • Attach an infected file
  • Ask for sensitive information
  • Request payment of some sort e.g. an invoice

Spoofing emails thrive on human error and cyber criminals will often take a lot of care and attention to make the emails look and sound convincing by researching online both the Company and/or the person they are impersonating.  By doing online searches it isn’t hard to find relationships between companies and their customers.  The more convincing the email, the more success they will have!

back to top

How to protect yourself

Employees within a company are one of the first lines of defence when it comes to IT and it is important to exercise vigilance and ensure that everyone is able to spot small inaccuracies or suspicious circumstances to avoid the potential dangers of spoofing emails.

Luckily, there are some very quick ways to check if the email is legitimate:

Check the ‘From’ Field:

Checking the ‘From’ field on your email is one of the quickest and most effective ways to determine whether the email you’ve received is from who the person you think it is.  Below are some examples of what a normal email should look like and what a spoofing email could look like:

 FFF good

The name of the sender and the email address should match and should use the domain of the company which the email is being sent from e.g.firefightingfoam.com

FFF bad

The email address of person doesn’t match the email address of who it is being sent from, or the domain of the company is wrong.

Email Signatures:

Any email which comes from a member of our team will always have an official signature on the bottom of the email, such as:

FFF autosig1  FFF autosig2

The only exception to this will be if we send you Marketing Emails using one of our info@ addresses: these emails are often sent through programs such as MailChimp. However, please be assured that whenever we send Marketing Emails, we always use our branding throughout and include lots of information about our company – to very clearly show that this email is legitimately from us. Furthermore, these emails will always be from our domain, e.g. @firefightingfoam.com .

Links:

FFF hyperlinks

If we send an email with hyper-links in it, we will make it clear what the link is about and also when you hover over the link it should show you where the link will take you to; which is normally a page within our website using our domain address e.g. firefightingfoam.com

OTL hyperlink BAD

The links in Spoof and Phishing emails either go to very abnormal web addresses, or when you hover over them they do not go to a domain associated with the company the email has come from.

back to top

How to protect yourself when Transferring Funds

The UK has seen a significant increase in Cyber Fraud which can affect email accounts and bank details.  Please note out bank details have not changed.  If you are ever in doubt about our bank details, or any payment details you have received, please always call: +44 (0) 1561 361515 to verify them with a member of our Finance Team, before processing any payments. 

Oil Technics will not accept any responsibility if money is transferred into an incorrect bank account.

back to top

 File-Sharing Sites

Whilst file-sharing sites offer great flexibility and ease for sharing large file information, the recent explosion in the market of these types of sites has brought extra security risks that people need to be aware of. 

On many file-sharing sites, it is very easy to pretend you are someone else - you simply need to have a contact to send an email to and then enter the email address of who you want the email to come from - that's it.  Whilst the majority of people will use this for legitimate purposes, this open process makes it very easy to impersonate another person's email. 

Also, as the are no checks on many of these sites, it can be easy for cyber criminals to send malware that looks like legitimate files e.g. criminals are careful to name the files as something relating to your business, such as 'Sales Brochure' etc.

How to protect yourself:

At Oil Technics we very rarely use file-sharing sites, however, if we do, we will always advise you that we are sending a file, what type of file we are sending and also what file-sharing site we are using.  This means that you will know what to expect.

If you do receive an email from a file-sharing site, no matter how convincing the email is, if you are not expecting files to be sent to you like this, never click on the links or attachments.

Our advice is to instead either send a quick email to the person who reportedly sent you the email, or give them a phone call to double-check whether the email is legitimate or not.

As phishing attempts become more sophisticated, our methods of detection and awareness have to become more sophisticated also.  It is worth taking a moment to double-check the validity of an email, especially if you compare it to the time that could be lost and the potential damage caused by clicking on an unsafe link or attachment.

If you suspect an email from a file-sharing site is a phishing attempt, most file-sharing sites will have a link either at the bottom of their email or on their site in which to report the email as fake, so that they can stop going out to others.

back to top

What to do if you think you have received a spoofing email

Follow the simple checks above and if you think you have received a Spoofing Email:

  • Do not reply to the email
  • Do not click on any links or attachments included in the email
  • Delete the email from your system entirely e.g. from your inbox and deleted items
  • There is no need to forward the Spoofing email to us, but if you would like us to be aware, please send us a screen-grab of the offending email
  • Please advise your own IT Company/Department as soon as possible so that they can check your IT defenses and advise you best practice

back to top

Want to know more?

For further information and advice on Spoofing, IT Company TSG have written a blog and prepared a video that you may find helpful.

If you have any concerns at any time, please don’t hesitate to get in touch:

 back to top

Disclaimer:

Whilst every effort has been made to ensure the information presented above was correct at time of publication, Oil Technics Ltd. does not assume any liability to any party for any errors or omissions. The above information is supplied for guidance only and is without guarantee: we would always recommend contacting your own IT Department/Support Company for any further advice.  Any opinions expressed in this document are not necessarily those of Oil Technics (Fire Fighting Products) Ltd. and are not for onward publication without consent.

To provide you with the best possible user experience, this website uses cookies. If you continue to browse this site, you are agreeing to our use of cookies. To learn more about the cookies we use, please view our Cookies Notice.

In accordance with the new General Data Protection Regulation (GDPR) in Europe, we have updated our Privacy Notice, which can be viewed here.

©2024 Oil Technics (Fire Fighting Foam Products) Limited