What is Spoofing and Why is it a Threat?

July 13, 2021

Spoofing is a type of cyberattack that occurs when a scammer disguises themselves as a trusted source to gain access to important information. According to Merriam-Webster, the word "spoof" dates back to its first written use in 1884 referring to some sort of game, which we don't know much about. Soon thereafter though, the word evolved into a verb that meant being tricked out of something. Today it is generally used to describe cybercrimes of impersonation with intent to steal information. Spoofing is a key step in Business Email Compromise (BEC) which involves different types of spoofing and phishing to intercept business email communications and get targeted companies to wire funds directly to criminals.

Types of Spoofing

Spoofing attacks can be carried out in many different forms all with the same goal, to steal your information. Let's go over different types of spoofing so you know what to look out for to protect you and your business.

Caller ID Spoofing

Caller ID spoofing occurs when a scammer shows false information through the Caller ID. Caller ID spoofing makes it so your phone will display false information, instead of the incoming phone number, thus hiding the identity of the scammer and making it impossible for the number to be blocked. Scammers can also spoof the area code of a phone number so recipients will be more likely to pick up the phone if they recognize their local area code.

Website Spoofing

Website spoofing occurs when a scammer makes a replica of a legitimate website using the same fonts, colors, and logos in an attempt to get visitors to divulge personal information. Website spoofing may also be an attempt to lead users to a phishing or malicious site, instead of the legitimate one.

Email Spoofing

Email spoofing is when a scammer sends out emails with fake sender addresses to trick the recipient into thinking the email came from a safe, legitimate source. The intention here is to try to infect the user's computer with malware, ask for money posing as someone else, or steal the user's information. This method is often used in a Business Email Compromise (BEC) scam. These fake addresses are often disguised as the display name on the recipient's email client, or the email address is very close to the actual spelling of the name or domain, but it is off by a character.

Text Message Spoofing

Text message spoofing is when a scammer uses another person's phone number to send a text or SMS message. By doing this, scammers hide their identity behind an alphanumeric sender ID, These messages will usually include links to phishing sites or malware downloads.

GPS Spoofing

GPS spoofing is when a GPS receiver is deceived by fake signals that resemble real ones. The scammer is pretending to be in one location while actually being in another. This method can be used to gain access to a car GPS and send the user to an address of the hacker's choosing. This can include any type of vehicle or device that uses GPS technology, like ships, aircraft, or monitoring systems.

Man-in-the-middle (MitM) Attack

A Man-in-the-middle (MitM) attack occurs when a scammer hacks a Wifi network to intercept web traffic between two parties. Most often by creating a duplicate, yet fraudulent, Wifi network in the same location to mimic the legitimate network users are trying to reach. By intercepting this traffic, scammers are able to reroute sensitive information to themselves, such as logins, passwords, or payment information.

Extension Spoofing

In an attempt to disguise malware extension programs and files, scammers will rename the files to be something like "Filename.docx.exe" and hide malware inside the extension. 

IP Spoofing

When a scammer hides the location of where they're sending or requesting data from. Scammers use this tactic to trick computers into thinking information is being sent from a trusted source, allowing malicious content to pass through security measures.

DNS Server Spoofing

Domain Name System (DNS) spoofing, sometimes referred to as cache poisoning, is used to reroute traffic to different IP addresses set by hackers. Most commonly leading unsuspecting visitors to malicious websites. Hackers will replace the IP addresses stored in the DNS server with the ones that they want to reroute the user to, and thus try to steal personal information.

ARP Spoofing

Address Resolution Protocol (ARP) spoofing is when a scammer will send falsified ARP messages over a Local Area Network (LAN), resulting in a scammer's MAC address being linked to the IP address of a legitimate computer or server on the LAN.

Signs of Spoofing

If you think you're being spoofed, be on the lookout for these behaviors most commonly practiced by scammers:

Email Spoofing

  • Be skeptical of attachments: When it comes to attachments from an unknown sender, be careful. And even if it comes from a known sender, always double-check the attached file. Is it the file size and type you were expecting? Does it have a strange name? When in doubt, don't open it.
  • Double-check the sender's email address: Scammers will often create email addresses that are almost exactly like the real ones, but they aren't. Perhaps by making the domain yourwebsite.co instead of yourwebsite.com, or JonSmith@google.com instead of JohnSmith@google.com, always double-check the spelling, web address, and display name.
  • Pay attention to poor grammar: If a message contains poor grammar, multiple errors, typos, and odd formatting, it may fraudulent.
  • Research, research, research: Find the sender's contact information outside of the message you received to see if it matches the message in question. You could even reach out directly to verify the correspondence and make sure it's legitimate. More often than not if it is too good to be true, it is too good to be true.

Website Spoofing

  • Look closely at the address bar: A malicious spoofed website will likely not be secured. If you look at the address bar in your browser you should see an "s" at the end of https://. It stands for "secure" and that means the website is encrypted and thus protected from cyberattacks. Some browsers like Google Chrome even have a lock symbol in the address bar to let you know the page you're visiting is safe. It's worth noting that if a website does not have the "s" in the address, it doesn't automatically mean it is fraudulent, just keep an eye out for additional signs of fraudulence.
Google Chrome's address bar on a secure website.
  • Autofilling passwords: Internet browsers and software that autofill login credentials will not work on spoofed websites. If the software or internet browser you are using doesn't automatically fill out username and password fields, it could be a sign that the website is spoofed.

Caller ID Spoofing

  • Calls from unknown numbers: Calls from unknown numbers that come consistently are usually spoofed. Calls like this should not be answered, ignore the call and block the number.
  • Unprompted responses: If you're getting responses to calls or texts that you never initiated, that could be a sign that your number has been spoofed. This means a scammer has been disguising their number as yours, and now you are getting the messages meant for the scammer.
  • Caller ID displays "911": Spoofers will sometimes disguise their number as "911 Emergency" or "911 Hospital" to gain your trust and use social engineering to steal your personal information.

How to Protect Against Spoofing

Protect yourself against spoofing attacks by following these dos and don'ts:

Dos

  • Always confirm information: It is always a good idea to confirm suspicious-looking messages with another message or phone call to verify that the initial message was legitimate.
  • Make sure your spam filter is on and functioning: Spam filters will prevent most spoofed email from hitting you inbox.
  • Hover over before clicking: Hover over suspicious-looking URLs to see exactly where the link will take you. Use this as an opportunity to determine if a link is legitimate or not.
  • Read closely: If the message contains poor grammar, unusual sentence structure, or illogical formatting, it may be a fraudulent request. Make sure to also double-check the URL of any websites listed and the email sender's address.
  • Set up two-factor authentication (2FA): By setting up two-factor authentication you add a layer of security whenever you log in. Most services and software have 2FA built-in, so make sure to verify it is turned on and functioning properly.
  • Invest in Managed-IT services: Having a Managed-IT service provider who proactively monitors and manages your IT infrastructure also handles issues before they cause downtime. This allows your business to accurately plan your IT budget by providing a flat monthly rate for each of your users, and can easily be scaled as your business grows. CDS would love to help evaluate your current IT needs and prevent spoofers from ever gaining access to your sensitive information. Visit our Managed IT page here to learn more about how we can help and lower your IT costs.

Don'ts

  • Don't communicate with unrecognized senders: If you don't recognize the sender, don't answer the call or email.
  • Don't reveal personal information: Avoid giving out any personal information, such as payment information, your social security number, or logins and passwords unless it's a trusted source. Many companies even make it a point to tell consumers that their service representatives won't ask for specific information. 
  • Don't use the same passwords: Using the same password for multiple accounts on different platforms can leave you extremely susceptible to a security breach. Create difficult passwords so they are harder to guess and if the behavior seems abnormal, change your password just in case. If you have trouble remembering many different passwords, you can use a secure password manager like RememBear to help you remember while still staying secure.
  • Don't click unfamiliar links: Trust your gut. If a link looks a little off, it probably is. Remember, you can hover over a link to see where it'll actually take you.

Alongside educating yourself, you should make sure your IT infrastructure is actively being monitored for other cybersecurity risks that are evolving every day. CDS would love to help evaluate your current IT needs and take a proactive approach to your security. Click below to schedule a free IT consultation and learn more about how we can help you and lower your IT costs.

Schedule a free IT consolation today! Click here to find out how.

Tags

Get your FREE Quote Today!

Thank you! Your request has been received.
A representative will be reaching out to you shortly.
Oops! Something went wrong while submitting the form.

About CDS

Beyond copiers and printers, CDS offers a full suite of technology solutions ranging from Managed Print Services, to Managed IT Services, and Project-Based IT Services, providing our customers a Single Source for all their business technology needs.

Read More

Subscribe

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.