What is Spoofing and How to Prevent a Spoofing Attack

Malware News
1

man-hacker-on-laptop-spoofing

Spoofing is a cyberattack that occurs when a scammer is disguised as a trusted source to gain access to important data or information. Spoofing can happen through websites, emails, phone calls, texts, IP addresses and servers. 

Usually, the main goal of spoofing is to access personal information, steal money, bypass network access controls or spread malware through infected attachments or links. With every form of communication online, scammers will try to use spoofing to try to steal your identity and assets. 

Read more to learn about how spoofing happens, the different types of spoofing attacks, how to detect spoofing, and how to prevent spoofing attacks.

How Does Spoofing Happen

email-spoofing-scammer
email-spoofing-scammer1440×516

The term “spoof” dates back over a century and refers to any form of trickery. However, today it’s mostly used when talking about cybercrime. Any time a scammer disguises their identity as another, it’s spoofing. 

Spoofing can apply to a number of communication channels and engage different levels of technical know-how. For it to be successful, the spoofing attack has to incorporate a certain level of social engineering. This means that the methods that scammers use are able to effectively trick their victims into giving out their personal information. Scammers use social engineering to play on vulnerable human characteristics, such as greed, fear, and naiveté.

An example of this type of social engineering is where the scammer relies on the victim’s feelings of fear in an attempt to gain information or money. The grandchildren scam is when a scammer pretends to be a family member and allegedly states that they’re in trouble and need money as soon as possible. Scammers will often target the elderly in these situations due to the preconceived notion that the elderly are less tech-savvy.

Types of Spoofing Attacks 

types-of-spoofing-attacks
types-of-spoofing-attacks1440×1467

Spoofing can occur in many different forms and various types of attacks you should watch out for. Here are some examples of different types of spoofing: 

Caller ID Spoofing 

Caller identification (Caller ID) allows the receiver of a phone call to determine the identity of whoever is calling. Caller ID spoofing occurs when a scammer uses false information to change the caller ID. Since Caller ID spoofing makes it impossible for the number to be blocked, many phone scammers use Caller ID spoofing to hide their identity. Occasionally, these scammers will use your area code to make it seem like the call is local. 

Most Caller ID spoofing happens using a VoIP (Voice over Internet Protocol) that allows scammers to create a phone number and caller ID name of their choice. Once the call recipient answers the phone, the scammer will try to convince them to divulge important information.  

Website Spoofing 

Website spoofing is when a scammer will try to make a dangerous website look like a safe one, using legitimate fonts, colors, and logos. This is done by replicating a trusted site with the intention of taking users to a phishing or malicious site. These copied sites will usually have a similar website address to the original site and appear to be real at first glance. However, they’re usually created to obtain the visitor’s personal information.

Email Spoofing 

Email spoofing is when a scammer sends out emails with fake sender addresses with the intention of infecting your computer with malware, asking for money or stealing information. These fake sender addresses are created to look like it came from someone that you know, like a coworker or a friend. 

These addresses can either be created by using alternative numbers or letters to look slightly different than the original, or by disguising the ‘from’ field to be the exact email address of someone in your network.

IP Spoofing 

When a scammer aims to hide the location of where they’re sending or requesting data online, they’ll usually use IP spoofing. The goal of IP spoofing is to trick a computer into thinking the information being sent to a user is a trusted source and allow malicious content to pass through.  

DNS Server Spoofing 

Domain Name System (DNS) spoofing, also known as cache poisoning, is used to reroute traffic to different IP addresses. This will lead visitors to malicious websites. This is done by replacing the IP addresses stored in the DNS server with the ones that the scammer wants to use. 

ARP Spoofing 

ARP spoofing (Address Resolution Protocol) is used often to modify or steal data or for in-session hijacking. To do this, the spammer will link their media access control to an IP address so the spammer can access the data that was originally meant for the owner of that address.   

Text Message Spoofing 

Text message spoofing is when a scammer sends a text or SMS message using another person’s phone number. Scammers do this by covering their identity behind an alphanumeric sender ID and will usually include links to malware downloads or phishing sites. Make sure you’re aware of mobile security tips if you believe the data on your phone is being compromised.

GPS Spoofing 

A GPS spoofing attack happens when a GPS receiver is deceived by broadcasting fake signals that resemble real ones. In other words, the scammer is pretending to be in one location while actually being in another. Scammers can use this to hack a car GPS and send you to the wrong address, or even to interfere with GPS signals of ships, buildings, or aircraft. Any mobile app that relies on location data from a smartphone could be a target for this type of attack.

Man-in-the-middle (MitM) Attack

Man-in-the-middle (MitM) attacks occur when a scammer hacks a WiFi network or makes a duplicate fraudulent WiFi network in that location to intercept web traffic between two parties. In doing so, scammers are able to reroute sensitive information to themselves, such as logins or credit card numbers.

Extension Spoofing 

In order to disguise malware extension folders, scammers will utilize extension spoofing. Usually, they’ll rename the files to “filename.txt.exe” and hide malware inside the extension. So, a file that appears to be a text document actually runs a malicious program when it’s opened. 

How to Know If You’re Being Spoofed

signs-of-spoofing
signs-of-spoofing1440×1470

If you suspect you’re being spoofed, be aware of these indicators from the most common types of spoofing:

Email Spoofing 

  • Pay attention to the sender’s address: If you’re unsure whether or not the email you’ve received is legitimate, double-check the address. Scammers will often create ones that are similar. If it’s a suspicious email but from the exact sender’s email address, contact the sender to confirm it’s legitimate.
  • Be wary of attachments: Be cautious when it comes to attachments from an unknown sender — or if it’s from a known sender and the contents look suspicious. When in doubt, don’t open these attachments as they may contain harmful viruses.
  • Spot poor grammar: If the email contains unusual grammatical errors and typos, it may not be legitimate. 
  • Do some research: Find the sender’s contact information online and get a hold of them directly to see if the email is real. Also, search the contents of the email via Google if it seems suspicious — if the contents sound too good to be true, it usually is and this can sometimes be indicative of a scam email.  

Website Spoofing

  • Check the address bar: A spoofed website will most likely not be secured. To check this, look at the address bar for an “s” at the end of https://. This “s” stands for “secure” meaning the site is encrypted and protected from cybercriminals. If a site does not have this, it doesn’t automatically mean it’s spoofed, so make sure to check for additional signs. 
  • Try a password manager: Softwares used to autofill login credentials don’t work on spoofed websites. If the software doesn’t automatically fill out the password and username fields, it could be a sign that the website is spoofed. 
  • No lock symbol: Websites that are legitimate have a lock symbol or green bar to the left of the website URL address indicate a secure website. 

Caller ID Spoofing

  • You get calls from unknown numbers: Consistent calls from an unknown number are usually spoofed — don’t answer or hang up immediately.  
  • You’re getting responses: If you’re getting responses to calls or texts that you never initiated, that could be a sign that your number has been spoofed. For example, you may get text messages from people asking who you are or that you stop bothering them. 
  • Caller ID displays “911”: Sometimes a spoofed caller ID will display “911 Emergency” instead of the actual phone number of the calling party.

How to Protect Against Spoofing Attacks 

how-to-protect-against-spoofing-attacks-dos-and-donts
how-to-protect-against-spoofing-attacks-dos-and-donts1440×1273

There are many things you can do to protect yourself against spoofing attacks. Stay one step ahead of scammers with these helpful do’s and don’ts:

Dos 

  • Switch on your spam filter: This will prevent most spoofed emails from coming into your inbox. 
  • Examine the communication: If the potential spoof attack contains signs of poor grammar or unusual sentence structure, it may be an illegitimate request. Also, be sure to double-check the URL address of a website or the email sender address. 
  • Confirm the information: If an email or call seems suspicious, send a message or make a call to the sender to confirm that the information you received is legitimate or not.
  • Hover before clicking: If a URL looks suspicious, hover your mouse over the link so that you’ll know exactly where the page is going to take you before you click on it.
  • Set up two-factor authentication: Setting up two-factor authentication is a great way to add another layer to your passcodes. However, it’s not completely foolproof, so ensure you’re considering other security precautions as well.
  • Invest in cybersecurity software: Installing cybersecurity software is the biggest defense when it comes to protecting yourself from scammers online. If you run into trouble, download malware removal or antivirus software to protect your computer from any malicious threats or viruses.   

Don’ts 

  • Don’t click unfamiliar links or downloads: If a link or download file doesn’t look legitimate, refrain from clicking on them. If they’re from an attacker, they’ll usually contain malware or other viruses that can infect your computer.
  • Don’t answer emails or calls from unrecognized senders: If the sender is unrecognizable, don’t answer the call or email. This can help prevent any communication with a potential scammer. 
  • Don’t give out personal information: Avoid giving out your personal and private information, such as a credit card or social security number, unless you’re sure it’s a trusted source. 
  • Don’t use the same password: Create stronger passwords for your logins that are harder for scammers to guess. Change them frequently in case a scammer gets a hold of one. Also, steer away from using the same password for most of your logins.   

If you think you’ve been spoofed, you can file a complaint at the FCC’s Consumer Complaint Center. You can also contact your local police department if you’ve lost money due to spoofing. Be sure to check out our antivirus software to secure your digital life today and protect yourself against spoofing. 

The post What is Spoofing and How to Prevent a Spoofing Attack appeared first on Panda Security Mediacenter.

Article Link: https://www.pandasecurity.com/en/mediacenter/panda-security/what-is-spoofing/