Spoofing is a type of cyberattack that occurs when a scammer disguises themselves as a trusted source to gain access to important information. According to Merriam-Webster, the word "spoof" dates back to its first written use in 1884 referring to some sort of game, which we don't know much about. Soon thereafter though, the word evolved into a verb that meant being tricked out of something. Today it is generally used to describe cybercrimes of impersonation with intent to steal information. Spoofing is a key step in Business Email Compromise (BEC) which involves different types of spoofing and phishing to intercept business email communications and get targeted companies to wire funds directly to criminals.
Spoofing attacks can be carried out in many different forms all with the same goal, to steal your information. Let's go over different types of spoofing so you know what to look out for to protect you and your business.
Caller ID spoofing occurs when a scammer shows false information through the Caller ID. Caller ID spoofing makes it so your phone will display false information, instead of the incoming phone number, thus hiding the identity of the scammer and making it impossible for the number to be blocked. Scammers can also spoof the area code of a phone number so recipients will be more likely to pick up the phone if they recognize their local area code.
Website spoofing occurs when a scammer makes a replica of a legitimate website using the same fonts, colors, and logos in an attempt to get visitors to divulge personal information. Website spoofing may also be an attempt to lead users to a phishing or malicious site, instead of the legitimate one.
Email spoofing is when a scammer sends out emails with fake sender addresses to trick the recipient into thinking the email came from a safe, legitimate source. The intention here is to try to infect the user's computer with malware, ask for money posing as someone else, or steal the user's information. This method is often used in a Business Email Compromise (BEC) scam. These fake addresses are often disguised as the display name on the recipient's email client, or the email address is very close to the actual spelling of the name or domain, but it is off by a character.
Text message spoofing is when a scammer uses another person's phone number to send a text or SMS message. By doing this, scammers hide their identity behind an alphanumeric sender ID, These messages will usually include links to phishing sites or malware downloads.
GPS spoofing is when a GPS receiver is deceived by fake signals that resemble real ones. The scammer is pretending to be in one location while actually being in another. This method can be used to gain access to a car GPS and send the user to an address of the hacker's choosing. This can include any type of vehicle or device that uses GPS technology, like ships, aircraft, or monitoring systems.
A Man-in-the-middle (MitM) attack occurs when a scammer hacks a Wifi network to intercept web traffic between two parties. Most often by creating a duplicate, yet fraudulent, Wifi network in the same location to mimic the legitimate network users are trying to reach. By intercepting this traffic, scammers are able to reroute sensitive information to themselves, such as logins, passwords, or payment information.
In an attempt to disguise malware extension programs and files, scammers will rename the files to be something like "Filename.docx.exe" and hide malware inside the extension.
When a scammer hides the location of where they're sending or requesting data from. Scammers use this tactic to trick computers into thinking information is being sent from a trusted source, allowing malicious content to pass through security measures.
Domain Name System (DNS) spoofing, sometimes referred to as cache poisoning, is used to reroute traffic to different IP addresses set by hackers. Most commonly leading unsuspecting visitors to malicious websites. Hackers will replace the IP addresses stored in the DNS server with the ones that they want to reroute the user to, and thus try to steal personal information.
Address Resolution Protocol (ARP) spoofing is when a scammer will send falsified ARP messages over a Local Area Network (LAN), resulting in a scammer's MAC address being linked to the IP address of a legitimate computer or server on the LAN.
If you think you're being spoofed, be on the lookout for these behaviors most commonly practiced by scammers:
Protect yourself against spoofing attacks by following these dos and don'ts:
Alongside educating yourself, you should make sure your IT infrastructure is actively being monitored for other cybersecurity risks that are evolving every day. CDS would love to help evaluate your current IT needs and take a proactive approach to your security. Click below to schedule a free IT consultation and learn more about how we can help you and lower your IT costs.
Beyond copiers and printers, CDS offers a full suite of technology solutions ranging from Managed Print Services, to Managed IT Services, and Project-Based IT Services, providing our customers a Single Source for all their business technology needs.Read More