Tips to stay safe from spoofing

In simple terms, Spoofing hides the true identity of the sender, causing you to think emails or messages you’ve received are from someone you know. Here’s what it’s all about and how not to fall into the trap of these cybercriminals.

What makes spoofing so dangerous?

Fraudsters know you’re more likely to trust or follow instructions from someone you know. For example, you’re more likely to open an attachment from your CEO, friend, colleague or family member, because you trust them. Fraudsters research their target company’s internal relationships, activities and purchasing processes, making the emails even more convincing.

It’s all about the money

The main motivation behind spoofing is fraud, such as getting a fake invoice paid. However, the cybercriminals may also want you to:

  • Give up credentials
  • Change suppliers’ banking details
  • Divulge sensitive or personal information
  • Click on infected links or open infected attachments
  • Put them in touch with people who can authorise payments.

How you can spot spoofed phishing emails

Because they seem to come from people you trust, these messages are a bit harder to spot than standard phishing emails. Sanlam has been targeted with spoofing emails made to look like they’ve been sent from Sanlam or Santam staff. Please be extra vigilant and warn your colleagues on how to spot such emails.


How to tell it’s a spoof email

  • You’re not expecting this kind of request from this person.
  • It displays an email address, but when you hit reply, it shows a different address.
  • It requests payments of invoices or information related to payments.
  • This link goes to a domain that is not the company’s owned domain.
  • Is the sender actually in the global address book? Phone the sender to verify the request.


  • Don’t trust anything you’re not expecting – even from people you know, especially if it asks you to open an attachment, click on a link or divulge information
  • Verify the sender’s address – by clicking reply, you’ll see that an alleged internal email is really going somewhere else
  • Requests for money should always raise a red flag – always treat requests for money or sensitive information with a high degree of scepticism
  • Look but don’t click – hover your mouse over any links embedded in the body of the email. If the link address looks suspicious, don’t click on it
  • Verify with the sender – if the tone or the purpose of the email is slightly out of the ordinary, like a request for payment from the CEO to you, rather call or text the sender to verify.

Forward any suspicious messages to

Look out for further communication in future editions.