• Portal
• Calendar
• A-Z Index

Find it

• About ITS
• Policies
• Feedback
• Search ITS
• ITS A-Z Index
• System Status

Email headers can be spoofed/forged

As spam (junk or unsolicited email) continues to increase, we are also seeing 'To:' and 'From:' email header fields being spoofed. Sometimes, the 'From:' address may appear to be from someone you know, from some organization whose name you recognize or from an @yale.edu email account. In reality these spoofed/forged messages do NOT originate from the address that appears in the 'From:' field. See examples.

Spoofed email from Yale support teams or vendors who do business with Yale

There has been an increase in spoofed/forged email messages that appear to come from Yale University ITS support groups and vendors who do business with the University. These email messages often have attachments that when opened infect your computer with malware (virus, worms and/or Trojans).

Learn how to tell if an email message from Yale is legitimate.

Analogy of a letter you get through the US Mail

A paper ENVELOPE address can NOT be spoofed. This address is used to deliver to the correct recipient. The address in an email message CAN be spoofed. Addresses that appear in the To: and From: message headers are the equivalent of the addresses used in the inside of a letter.

In order to be certain of where the letter came from, you must view the envelope--or the FULL HEADERS of an email message.

If you have any concerns about a specific email, please forward the email (including full-headers) to abuse@yale.edu.