Spoofed Emails & Fake Headers

E-mail spoofing is a term used to describe (usually fraudulent) e-mail activity in which the sender address and other parts of the e-mail header are altered to appear as though the e-mail originated from a different source. E-mail spoofing is a technique commonly used for spam e-mail and phishing to hide the origin of an e-mail message. By changing certain properties of the e-mail, such as the From, Return-Path and Reply-To fields (which can be found in the message header), ill-intentioned users can make the e-mail appear to be from someone other than the actual sender. The result is that, although the e-mail appears to come from the address indicated in the From field (found in the e-mail headers), it actually comes from another source.
                                                                                  -www.wikipedia.com

An Email header is the information included in the email that tells it Who its From, Who its To, Time/Date, Subject, etc.

Any of this information can be disguised or altered. You may receive an email from billgates@microsoft.com but that does not mean its from him. You may receive an email on your bob@mywebsite.com but it may say it was sent to bob@myoldwebsite.com which you no longer use. It just means that's something the spammers had in their records and are hoping to get you to click on it.

An email may even appear as if its from someone in your company. You may get an email from techsupport@mywebsite.com asking for a password or other information.  If you have any doubts at all about the legitimacy of an email, contact the sender by Starting a new email or calling them. Never Reply or click on anything in the suspicious email.

Once someone gets infected, their computer often sends out emails to everybody in their address book without their knowledge. So you may receive an email from a friend that you get emails from all the time, but this time it may have a joke or say there is a video they want you to see. You click on it, trusting its from your friend and now your infected.

The only safe way is never to click on links in emails that are joke type emails, emails from banks, eBay, or other popular websites. If you were to receive an email from ebay.com for example asking you to log in or change your password, don't click on any links. Instead open your web browser and type in www.ebay.com and go to the website directly.

When IS it safe to click on a link in an email?   When you know its coming.
Example:
1) A friend told you they were going to send you a link to a website for you to see.
2) You went to a website and requested to change your password and they say they will email you a link to change it. You expect this so a few moments later the email arrives.