Spoofing can be applied to a number of communication methods and employ various levels of technical know-how. Spoofing can be used to carry out Phishing- attack is, which are scams to gain sensitive information from individuals or organizations. The following different examples of SPOOFING attack methods gives more detail on how different attacks word and different types of SPOOFING.
- Email Spoofing –
Email spoofing occurs when an attacker uses an email message to trick a recipient into thinking it came from a k own and/ or trusted source. These emails may include links to malicious websites or attachments affected by the malware or they use social engineering to convince the recipient to freely disclose sensitive information.
Sender information is easy to spoof and can be don in one of the following ways:-
- Mimicking a trusted email address or domain by using alternate letters or numbers to appear only slightly different than the original.
- Disguising the Form field to the exact email address of a known or trusted source.
2- Caller ID Spoofing
With caller ID Spoofing, attackers can make it appear as if their phone calls are coming from a specific number – either one that is known or trusted to the recipient, or one that indicates a specific geographic location. Attackers can then use social engineering – often posing as someone from a bank or customer support – to convince their targets to , over the phone , provide sensitive information such as password, account information , social security numbers and more.
Website spoofing refers to when a website is designed to mimic an existing site known and/or trusted by the user. Attackers use these sites to gain or login and other personal information from users.
Attackers may use IP(Internet Protocol) spoofing to disguise a computer IP address thereby hiding the identity of the sender or impersonating another computer system. One purpose of IP address spoofing is to gain access to networks that authenticate users based on IP addresses.
Address Resolution Protocol (ARP) is a protocol that resolves IP addresses to Media Access Control (MAC) addresses for transmitting data. It is used to link an attacker’s MAC to a legitimate IP address so the attackers can receive data.
DNS server Spoofing
DNS (Domain Name System) servers resolve URLs and email addresses to corresponding IP addresses. DNS spoofing allows attackers to divert traffic to a different IP address , leading victims to sites that spread malware.