Definition | spoofing

Cyber-attacks have been on the rise in recent years. Spoofing is difficult to detect and particularly daunting for individuals and businesses. An obscure term that may seem barbaric to the uninformed, spoofing must be popularized to be better understood.

In English, spoofing means theft, implying « electronic identity theft ». This consists of pretending to be someone else in order to send computer viruses or spam. Spoofing therefore generally means electronic identity theft, it is based on social engineering techniques, in other words manipulation strategies. Spoofing is always impersonating someone else, regardless of the medium used.

This is how Web users sometimes receive in their email emails from someone they know carrying computer viruses, even though they are not necessarily infected. But the definition of spoofing is not so short…

How to define spoofing?

Identity theft on the Internet consists of obtaining confidential personal or banking information. This fraud technique includes a whole range of processes built on the ability of a hacker to impersonate another person or company, known to his target. Thus, it is not uncommon to have to deal with usurpers replacing a supposedly “reliable” entity such as EDF, La Poste or the banks to send fraudulent information. Their goal is to deceive the vigilance of their target, who, confident, will not think to check the sender’s email address. This tactic is called brand spoofing »namely the impersonation of large companies.

Spoofing can have other purposes than identity theft to access sensitive data. Hackers can distribute malware through attachments or links, to bypass network access systems, but also to prepare the ground for further attacks.

Hackers seek to impersonate someone else

Regardless of the method used, the hacker pretends to be a trusted person or institution:

• email address spoofing by replacing a capital letter with a lowercase letter, or .com with .co;
• usurpation of the name, slightly modified;
• cheating on the president by impersonating someone important (your line manager).

Hackers who implement spoofing, request a bank transfer, share sensitive data, seek to install a door stolen (back door).

Devices used by hackers

Pirates roam on Internet. Identity theft relies on manipulation. It therefore takes different aspects:

• Internet and messaging;
• facial recognition software to access secure buildings;
• the fake GPS call;
• phone calls.

Beware of spoofing! Checking e-mail addresses on receipt of a suspicious message should become almost automatic, as should checking the URL of a web page. © Oleksiin, Adobe Stock

What is spoofing used for?

The objectives of pirates are always to extend a trap their victimsto extract confidential data from them if it is a company, themoneyeven to prepare a massive viral attack.

Misappropriation of information and money

Individuals are undoubtedly the most exposed to these attacks.

• plundering of know-how: hackers lead the victim to install spyware intended to steal from a company, an administration or a scientist, sensitive data relating to research or technologies;
• financial data theft: hackers can obtain financial transfers or the communication of bank data from their victims. They can also spy on them.

Diversion of personal data and D’moneywhich is probably what pirates prefer.

Viral infection of one or more devices

Viral infections can do considerable damage. They are of several orders:

• spoofing can set up a type attack Man-in-The-Middle (MiTM) which allows the pirate to intercept and relay the communication of several Internet users without their knowledge;
• infection of all kinds of viruses, in addition to spyware : backdoors or back doorto take control of one or more devices, trojans, ransomware, etc. ;
• engage in attacks denied service (DDoS for Distributed Denial of Service) in order to sabotage a service.

Spoofing, how does it work?

While still based on identity theft, spoofing takes very different paths. It generally embraces all communication techniques on the Web. They can be classified into two types:

1. Messaging, extension and websites

Spoofing works in different ways:

• handling of emails looks like thePhishing : All the pirate has to do is falsify an e-mail address or the name of the sender. He can invent a name and attach it to an institution;
• hijacking the extension of a file that will be downloaded by victims;
• the falsification of a website : it may be a fake site of your bank so that you can deposit money with confidence.

2. Manipulation of the IP address

The spoofing of theIP adress is certainly the most dangerous threat. It takes various forms:

• the spoofing of IP address is to falsify a IP adress to send packages to networks that accept them.
• ARP data spoofing or Address Resolution Protocol to convert theIP adress of the victim in MAC address (Media Access Control) of the hacker;
• the usurpation of domain name (DNS or Domain Name System) which allows it to be diverted to a fake IP address.

Protect yourself from spoofing

If for a business take cybersecurity training is certainly the best alternative to better understand spoofing and avoid cyber-attacks, individuals can implement some tips.

Checking e-mail addresses on receipt of a suspicious message should become almost automatic, as should checking the URL of a web page.

Properly analyzing the content of the email also helps to avoid spoofing. Indeed, the accumulation of spelling and syntax errors, especially for an email from an entity deemed reliable, can alert the recipient. It is also advisable to avoid clicking on a link or opening an attachment in a suspicious email.

Obviously, it is essential not to respond to emails that ask for personal information or to deposit money into an account. The implementation of an anti-virus on a computer is, moreover, a solution to prevent hackers from taking control of a machine.