What is Spoofing | Antivirus Software

Know what is spoofing, the technique used by hackers to impersonate another person or a legitimate company and steal data.

Spoofing is one of the most popular hacker attacks in recent times, in which one person impersonates another or a legitimate company, in order to steal data, break into systems, and spread malware. Find out how spoofing works and protect yourself.

What is spoofing?

The term spoofing comes from the English verb spoof (imitate, pretend), which in Information Technology is a jargon used for counterfeiting. In general, the term describes the act of deceiving a website, service, server, or person by stating that the source of information is legitimate when it is not. It is simpler than you can imagine.

Why automated responses can be a treasure trove of social engineering?

When you receive a “suspicious” email from a known and trusted contact (it may be a friend, family member, company, or even your bank), with all the header information apparently correct (name, email address), sender, etc.) but with strange content, asking to click on shortened links and/or send sensitive data, for example, this is a spoofing attack.

And phishing? The phishing scam is an evolution of spoofing, in which the attacker uses sites and applications that are apparently legitimate and very similar to the originals, but which, in fact, are fake tools designed to steal information online.

Types of spoofing

ID spoofing: A hacker makes a request to a website or server posing as a legitimate IP so that the victim cannot identify the attacker;
Email spoofing: One of the most common, targets users and consists of fake emails, posing as someone else or a real company. Usually linked to phishing scams ;
DNS spoofing: The hacker manipulates network connections ( changing the DNS of routers on a large scale ) and diverts access to a legitimate website to a fake copy in order to steal data. Bank websites are the most common targets;
Spoofing of calls and/or SMS: The attacker makes calls or sends SMS messages posing as a legitimate number, trying to deceive other users;
Caller ID Spoofing: This is a more elaborate method. The hacker tries to access phone services or apps through a cloned cell phone number, in order to hack into the copied user's email, messengers, and social networks.

In this particular attack, the hacker is able to clone someone else's cell phone number and, through another device, makes requests to messaging or social network services requesting a second installation of the app. As the messenger thinks he is the user (which is why two-step verification by SMS is a bad idea ), access is free without problems. The crime is also known as a SIM swap.

With a copied mobile number and a fresh install of the app on someone else's account, it’s extremely easy to access the victim’s message history.

How to protect yourself header?

ID spoofing is the easiest to identify, the user just needs to keep an eye on the and can identify some wrong data. Another important tip is not to leave by clicking on any link sent to you, either by email, SMS, or through messaging apps.

In the case of DNS spoofing, it is important to check your router's DSN and always be aware of the suspicious website's address, which in general differs in details from the legitimate one. Also be wary of the nature of requests, such as bank sites that ask for ID and Social Security numbers, in addition to the card number, password, and security code.

Installing antivirus software is a wise decision to keep ahead of the attack.

Ask Me about Antivirus Security

Search This Blog

All-Out Mess: Do You Know What's Going on On Your Firewall | Antivirus Software