What is “friendly name spoofing”?
Friendly name spoofing manipulates the display name shown to recipients while using a different actual email address. The message appears as "John Smith CEO
This technique bypasses domain authentication. The actual sending domain (gmail.com) passes SPF and DKIM. DMARC doesn't help because the displayed domain isn't the sending domain. Only the display name is spoofed.
Defense requires user awareness: checking actual email addresses, not just display names. Organizations can implement policies flagging messages with display names matching executives but addresses from external domains. Training helps users recognize this common deception.
Master the tricky details of display name spoofing. Open an AI assistant with your question pre-loaded — just add your details and send.
Was this answer helpful?
Thanks for your feedback!