2002 Tech Tip: Spoofed/Forged Email
Email spoofing may occur in different forms, but all have a similar result: a user receives email that appears to originate from one source when it actually was sent from another source. Email spoofing is often an attempt to trick the user into making a damaging statement or releasing sensitive information (such as passwords).
Examples of spoofed email that could affect the security of your site include email claiming to be from a system administrator requesting users to change their passwords to a specified string and threatening to suspend their account if they do not do this and email claiming to be from a person in authority requesting users to send them a copy of a password file or other sensitive information.
If, after investigating the activity, you find that there is more to the incident than spoofed email (such as a compromise at your site or another site). This tech tip will help you know how to deal with it.