Spoofing attacks continue to plague businesses and individuals everywhere, and many enterprises are working quickly to put anti-spoofing defenses in place. But because many users lack a clear spoofing definition, they are more likely to be susceptible to spoofing attacks.
In the following primer, “What is spoofing?”, we’ll provide a spoofing definition along with a brief overview of how organizations can prevent it.
A basic spoofing definition
A spoofing attack happens when a malicious party successfully impersonates another user or device. Hackers typically use spoofing to gain unauthorized access to a system or to sensitive information. Spoofing attacks may also be used to launch attacks against other network hosts or to spread malware software.
There are several major types of spoofing, including IP address spoofing, ARP spoofing, DNS server spoofing and email spoofing.
IP address spoofing definition
In an IP address spoofing attack, attackers disguise malicious traffic by sending IP packets from a false source address. IP address spoofing is often used to launch denial-of-service attacks that overload devices and networks with packets that seem to be from legitimate and recognized source IP addresses.
ARP spoofing definition
Address Resolution Protocol spoofing, or ARP spoofing, uses spoofed ARP messages across a local network to link an attackers MAC address with the IP address of a real member of the network. In an ARP spoofing attack, data that is sent to a host’s IP address is directed to the attacker’s address instead. This type of spoofing attack can be used to launch denial-of-service attacks, man-in-the-middle attacks and session hijacking.
DNS server spoofing definition
A DNS server spoofing attack involves modifying the DNS server to reroute a specific domain name to a different IP address. As a result, traffic may be routed to a server under the control of an attacker, where files may be infected with malware or viruses.
Email spoofing definition
In email spoofing, malicious individuals try to trick users into believing that an email is from a known and trusted source by forging the email header.Email spoofing is often used in phishing and spam campaigns because recipients are more likely to open an email sent from someone they know.
- Spoofing detection software that helps to identify spoofing attacks by inspecting and certifying data before it is transmitted.
- Packet filtering that filters out and block packets with conflicting source address information.
- Cryptographic network protocols that encrypt data before it is sent and authenticate it as it is received.
Learn more about a spoofing definition, or visit our AppSec knowledgebase to learn more about vulnerabilities like Insecure Cryptographic Storage and about making containerization development more secure.