Spoofing

In this week of cyber fraud and hacking, we are going to take a look at one of the oldest tricks in the book which the majority of the victims still fall for time and again. This method is known as spoofing and comes in a variety of forms which you will learn about as we go along.

Spoofing in itself is an art of deception whereas the attacker deceives the victim into giving sensitive information by misappropriating a legitimate identity, in order to reassure the victims they can trust them with such information. Or in some cases get random people or selected targets to click on a link and by doing so unbeknown to them, the attacker moves to access their sensitive information. This is known as phishing and spear-phishing the only difference between the two is the latter has an intended target.

The most common method of spoofing is email spoofing, since most business is conducted via email in the digital age. What the attackers do here is replicate the email account from a legitimate source within the framework of the victim’s contacts and, or database. By doing so the victim genuinely believes that they are communicating with someone he/she knows, and thus freely gives out information to the attacker without much effort on their part. 

Increasingly we are seeing instances of phone spoofing, where a victim receives a call and is either deceived into selecting an option which is disguised as an application/service commonly used by the victim. This way the attacker sounds genuine and credible while the target is assured that he is receiving a genuine and authorised source who even called him/her to facilitate the service/transaction.

Another ingenious form of spoofing is called ARP (Address Resolution Protocol) spoofing, which takes on two forms namely IP spoofing and MAC spoofing. IP spoofing occurs when the attacker obtains the target IP address and manipulates the router into believing that he is part of the same network/database as his target. This is generally done to obtain access to an embedded server within the target network.

MAC address spoofing is carried out by obtaining the MAC address, which is the permanent address of a device set by the manufacturer. By spoofing the MAC address of a particular system within the network the attacker can gain unconventional and illegal access to a targeted server.

Even though these attacks are increasingly becoming more professional doesn’t mean they can’t be prevented. For example when receiving a strange email or a phone call common sense should prevail and you should not give out extremely sensitive information such as credit card details or passwords to accounts even if you think you know the person who sent the request off hand.

As for MAC and Email spoofing the settings to your network can be changed, for example by decreasing the subnet and clearing the log of empty IP addresses you can reduce if not eliminate the possibility of coming under an IP spoofing attack. Installing packet filters and/or dynamic ARP filters helps with reducing such attacks. Website phishing always ensures that the URL is correct and corresponds to the original URL.