Spoofing Definition
As the word suggests, spoofing is a special type of cyberattack that is based on false identity. This type of attack is usually carried out by deceiving the unsuspecting user, who can become the victim of an attack by simply visiting a website, accessing an Internet service, or even just making a phone call.
Technically speaking, spoofing can occur at any level of the internet, although most of today’s spoofing attacks tend to happen at the application layer, while it’s more rare for them to happen at the network and data link layer.
Let’s take a quick look at how a spoofing attack works in concrete terms now. Even though the end goal tends to be the same for all of them, spoofing attack can be carried out with very different techniques.
Here is a list of the most common ways a spoofing attack can occur.
- Phone spoofing: In this type of attack, the attacker calls or texts the victims, pretending to be someone else.
- Email spoofing: With this type of attack, the spoofer sends fake emails (usually with logos and signatures of legitimate companies) to deceive the recipient. The term phishing also refers to this technique, since it leverages apparently real information to deceive the victim.
- IP Spoofing: Here, the attacker modifies the device to show a secure IP on the network. By doing so it can receive packets instead of the victim’s device.
- ARP spoofing: With this very sophisticated type of attack, the attacker modifies the device to divert ARP requests. By doing so, he is able to intercept all data passing through the network. The target of this attack is usually the router of the victim, which will require special defenses to be protected.
- DNS Spoofing: Similar to IP spoofing, with this type of attack DNS requests are modified, making web requests to phishing and scam sites seem legitimate. DNS spoofing is usually combined with other types of attacks.
- Website spoofing: By combining the spoofing techniques seen so far, the attacker can carry out website spoofing. In this case, a legitimate web page is replaced by a counterfeit web page in order to obtain personal information, login credentials, and credit cards from victims.
- Caller ID spoofing: This specific type of attack is usually carried out on mobile devices by simply changing the identifier of the calling number. In this way, the attacker is able to pretend to be a legitimate company. Both traditional calls and calls via the Internet (e.g. VoIP) are exposed to this type of attack.