Spoofing attacks and their types

✨ Megiddo

✨ President ✨
Staff member
Joined
May 15, 2016
Messages
13,729
Likes
2,643
Points
1,730
In translation from English spoofing - substitution. Accordingly, spoofing attack - attack with a substitution. So, what is the substitute for? Any data that gives some advantages.

Imagine an example from real life. There are two twin brothers, one is called Vasya, the other is Vanya. Vanya has a girlfriend Masha. His brother Vasya was walking down the street and met Masha. He wanted to play a trick on his brother and find out about him some information. He introduced himself to Masha Vanya, and Masha believed it. During the conversation, she told Vanya's secret, because she thought she was talking to him.

Under such a scheme, an attack occurs. Substitute data and gain access to something) Consider the types of such attacks.

IP spoofing.

Let's say that some site has access to the management of it through a trusted IP address. The intruder will recognize this ip, replace the data and gain access.

Spoofing Call ID

Using IP telephony, it is possible to replace this data. Thus, you can call from any phone number, and thereby cause confidence. So, for example in a carve it is often used to call the store on behalf of the buyer. The consultant in the store sees the phone number of the cardholder, and this does not arouse his suspicion of calling out any left number.

Spoofing E-mail addresses

The infa about the sender of the letter is changed, shown in the field "from". Also causes additional trust. It is often used for fake emails with malicious links and files. Let's say a letter from your colleague who supposedly threw you a document for work. The chance that you will open it is much higher than usual.

IDN Clones

Domain Address Substitution. The domain (website address) is the most similar to the one written in the original. Usually, the similarity of letters to numbers is used (the letter l and the number 1, the letter O and the digit 0), the similarity of the combinations of letters (rn and m, cl and d). Also there is a chip that you can almost invisible symbols add to the domain) Further to this domain fill in a copy of the original site, bring visitors there and collect their data.

ARP-Spoofing

The MAC address of the device is replaced, thereby creating the visibility that the device is requesting data. Due to this, you can access and / or data.

These are not all types of spoofing, there are a lot of them, but this is basic) See you in the next article.
 
Top Bottom