Do you know what spoofing is?
Spoofing is the most popular type of hacking attack in recent times, where one person impersonates another or a legitimate company to steal data, break into systems and spread malware. Learn how spoofing works and protect yourself.
The term spoofing comes from the English verb spoof (imitate, pretend), which in Information Technology is jargon used for falsification. In general, the term describes the act of deceiving a website, a service, a server or a person by claiming that the source of information is legitimate when it is not. It is simpler than you can imagine.
When you receive a "suspicious" email from a known and trusted contact (this could be a friend, family member, business, or even your bank) with all the seemingly correct header information (name, email address , sender, etc.) but with strange content, asking you to click on shortened links and / or send sensitive data, for example, is a spoofing attack.
What about phishing? The phishing scam is an evolution of spoofing, where the attacker uses sites and applications that are apparently legitimate and very similar to the original ones, but are actually fake tools designed to steal information online.
- ID Spoofing: A hacker makes a request to a website or server by impersonating a legitimate IP so that the victim cannot identify the attacker;
- Email Spoofing: One of the most common, targeted users consists of fake emails, impersonating someone else or a real company. Usually linked to phishing scams;
- DNS Spoofing: The hacker manipulates network connections (changing the DNS of large-scale routers) and forwards access to a legitimate site to a fake copy in order to steal data. Bank sites are the most common targets;
- Call and / or SMS Spoofing: The attacker makes calls or sends SMS messages by impersonating a legitimate number, trying to trick other users;
- Caller ID Spoofing: This is a more elaborate method. The hacker attempts to access phone services or apps through a cloned mobile number to break into the copied user's email accounts, messengers, and social networks.
In this particular attack, the hacker can clone someone else's mobile number and through another device, make requests to messaging or social networking services requesting a second installation of the app. Because the messenger thinks it's the user (that's why 2-step SMS verification is such a bad idea), access is relieved smoothly. The crime is also known as SIM swap.
With a copied mobile number and a fresh install of the app on someone else's account, it is extremely easy to access the victim's message history.
How to protect yourself
ID spoofing is the easiest to identify, just keep an eye on the header and you can identify some wrong data. Another important tip is not to leave by clicking on any links sent to you, either by email, SMS or via messaging apps.
In the case of DNS spoofing, it is important to check your router's DSN and always be aware of the suspicious website address, which generally differs in details from the legitimate one. Also be wary of the nature of the requests, such as bank websites that ask for ID and Social Security numbers, as well as card number, password, and security code.
- Have you seen if your router's DNS is right today?
- How to tell if a site is secure?
- How to strengthen the security of 2-Step Verification
Finally, enable 2-step verification for your instant messengers and preferably do not use SMS or phone number as a verifier; prefer apps like Google Authenticator and Microsoft Authenticator to store your keys.