– BY MARIYAM CHOWDHARY
A spoofing attack can be explained as a situation in which a person or a program impersonates another user or a device or a network by falsifying data, to gain illegitimate advantage or to launch attacks against the network host or to spread malware.
Types of a spoofing attack.
ARP SPOOFING – ARP stands for Address Resolution Protocol which is a communication mechanism that is used to map an IP address to a physical (MAC) address of a specific machine within a local area network. An ARP spoofing attack aims to link a cybercriminal’s MAC address with a dynamic Internet Protocol address of a target host.
DNS SPOOFING ATTACK – The Domain Name System (DNS) is responsible for associating names to the correct IP address. Cybercriminals may harness vulnerabilities in a DNS server to tamper with its cache and thus fraudulently impose invalid associations between domain names and IP addresses.
EMAIL SPOOFING – Cybercriminals use email spoofing attacks to trick you into visiting a phishing site that requests sensitive information or spreads viruses.
CALLER ID SPOOFING – Scammers may falsify the caller information shown on your phone’s display to mask the actual origin of the call.
IP SPOOFING – It is a malicious technique used by cybercriminals that relies on generating Internet Protocol (IP) packets with a fabricated source address.
GPS SPOOFING – A GPS spoofing attack attempts to deceive a GPS receiver by broadcasting fake GPS signals, structured to resemble a set of normal GPS signals, or by rebroadcasting genuine signals captured elsewhere or at a different time.
EXAMPLES OF SPOOFING ATTACK
In 2006, unknown hackers carried out a major DNS spoofing attack – the first of its kind – against three local banks in Florida. The attackers hacked the servers of the internet provider that hosted all three websites and rerouted traffic to fake login pages designed to harvest sensitive data from unsuspecting victims. This has allowed them to collect an undisclosed number of credit card numbers and PINs along with other personal information belonging to their owners.
-In June 2018, hackers carried out a two-day DDoS spoofing attack against the website of the American health insurance provider, Humana. During the incident that was said to have affected at least 500 people, the hackers have managed to steal complete medical records of Humana’s clients, including the details of their health claims, services received, and related expenses.
-In 2015, unidentified hackers have used DNS spoofing techniques to redirect traffic from the official website of Malaysia Airlines. The new homepage showed an image of a plane with the text “404 – Plane Not Found” imposed over it. Although no data was stolen or compromised during the attack, it blocked access to the website and flight status checks for a few hours.
Flipkart CEO, Binny Bansal account got spoofed.
Producer Ronnie Screwvala’s NGO loses Rs. 34 lacs over spoof emails.
HOW TO PREVENT SPOOFING ATTACK.
1. Understand the risks.
2. Avoid direct IP user authentication.
3. Rely on encryption.
4. Choose a reliable ISP.
5. Work on your overall security.
6. Invest in spoofing detection software
18 thoughts on “Spoofing Attack”
The author has very well drafted the article explaining about spoofing attack ,its various types ,author has almost covered all the sub topics explaining each in a very concise manner giving real life examples as cases which affected people to a greater extent showed the dier need to prevent these attacks ,a well written and an informative article but could have included cases. Instead of examples so that people can know what consequences does these attackers face when once they are caught
Thanks for the article never knew of this
Thanks for feeding me with such information. I earlier had no idea about such attacks but now I’m well informed. I really appreciate your research.
Thanks for this article I really learned a lot from this
Oh wow this was some new information learned a lot
bohat simple way m spoofing defined
I had no clue about what spoofing was and what happens in the process, how hackers get use of it but now I’ve got some knowledge.
Now what i find the most impressive thing about this article is that most of the people dont know about and are not aware of a spoofing attack which is this article is very important and the author has done a great job in describing the thing from tip to bottom.
Earlier I hadn’t knew about the spoofing attack but now I’m well informed . thank you for providing this essential information.
Great article. I am also working on the same topic and got to know the many information and it was really useful.
The article successfully informs the readers about the basic knowledge of spoofing. It very well explains how spoofing works with the help of examples. However, it fails to provide effective preventive measures against spoofing.
Amazing article!! Dealing with the trending issues of cyber crimes nowadays..
The article covers all the required points. It’s well-written with good examples, however, preventive measures could have been elaborative with a personal touch.
Sometimes, rather most of the times we do not realise how scary the internet can be. Things can happen out of the blue, just like that. The article here helped me understand the angles the risk can come through. But are there some law against Spoofing? If not then which country has the most effective law against it?
The article covers all the required points. It’s well-written with good examples.