Home Computer Spoofing, what it is and how to defend yourself

Spoofing, what it is and how to defend yourself

A recent type of attack hackerknown by the name of spoofingrisks putting the user in a very uncomfortable situation: one in which I get an email from myself.

Spoofing is used to forward spambut also to organize much more dangerous scams, which exploit the social engineering.

To learn what to do for defend against spoofing first you need to know the threat in detail. After that it is possible to exploit a whole series of technological solutions.

What is spoofing

spoofing

The term spoofing comes from the English “spoof”, a noun alluding to different types of forgery or cheating: from the most good-natured hoax to the scam carried out for profit.

In informatica spoofing is a particular thing attack made by hackers, which revolves around various forgery activities. For example the forging the identity of a hostbut also the sender forgery in the context of a communication.

In general, we can speak of spoofing whenever an attacker exploits the network for impersonate someone else. Having said that, it is also possible to enumerate a few spoofing macro-categoriesbased on the levels of the stack TCP/IP and of those of the ISO/OSI model.

We talk about spoofing a livello 2 in case the hacker attack has anything to do with the Network Access Layer. For example the MAC spoofing spoofs MAC address of devices.

L’ARP spoofing instead it manifests itself with the sending of an ARP message: in this case the goal usually consists inassociate a MAC address to the IP of an external host.

Spoofing is a hacker attack that involves impersonating your identity

We talk about spoofing a livello 3 in case the hacker attack has to do with theInternet Layer. This is the case with IP spoofing: A scam in which the hacker creates an IP packet with a spoofed sender IP address.

Instead we talk about spoofing a livello 4 in case the attack has to do with the Transport Layer. Think about it in this sense spoofing UDP and allo spoofing TCP.

In the first case, the hacker exploits a protocol connectionless per forge a UDP datagram header by entering certain desired information.

In the second case, also known as bling spoofing, the hacker exploits a protocol connection oriented, by sending an ACK packet to the server with forged IP and sequence number.

How advanced spoofing works

spoofing

When it comes to advanced spoofing often referred to as the so-called spoofing a livello 7: what has to do with l’Application Layer and which often makes use of techniques of social engineering.

Some examples of this are the web spoofingil DNS spoofingil referer spoofing and the caller ID spoofing. Scams involving a web server, a DNS server, a forged HTTP request or a VoIP call, respectively.

Finally it is impossible not to mention l’email spoofing: a scam in which the attacker falsify the sender address of a communication written.

Email spoofing is often a vital component of more elaborate scams: from simple spam when sending malware o al phishing. Change the sender of an email in fact allows you to give it credibilitygenerating the desired effects in the victim.

Email spoofing allows you to perpetrate particularly dangerous scams: from phishing to social engineering

In this sense, think of worry which can generate a email sent by law enforcement inviting you to appear in court. but also ateuphoria which can generate a mail sent by any operator announcing rich prizes.

Then there is a another type of email spoofing which manages to generate an impressive mix of legitimacy, surprise and concern. The classic case can be exemplified with the statement: I get an email from myself.

This technically very simple spoofing assumption is used for deliver blackmail messages of various nature. Usually the sender claims to be a hacker and to have entered in possession of the victim’s credentials.

It actually is possible to simulate sending an email from the same address as the recipient without having any kind of access to your personal information.

How to defend against spoofing

spoofing

At this point it is legitimate to ask what to do to defend against spoofing. Fortunately, there are several paths to follow, starting with simple applications common sense.

A first piece of advice is to always pay close attention with each communication you receive: this means reading the subject and body of the message, reading the sender and check if there are any points of attention. One above all lack of consistency between the type of communication sent and the address used to send it.

For the rest there are different software solutions which allow the user to protect yourself from various types of spoofing listed in the previous paragraphs.

The antivirus more recent ones are equipped with protection systems from the main hacker attacks: from spoofing al phishinggoing through the installation of virus e malware.

There are several technologies that help protect against spoofing: from antivirus to the DMARC Record

More generally, the solutions that exploit the standard IEEE802.1x are equipped with a series of very thorough checks, which quickly identify unwelcome intrusions.

Added to this is the fact that the same provider over the years they have developed correctives and Strategies to counter hacker attacks. Starting with the classics spam filters, up to more advanced technologies.

One above all the introduction of Record DMARC (Domain-based Message Authentication, Reporting & Conformance): a system of email message validation, reporting, and compliance.

One of the practical applications of the DMARC Record is the check that email address that the user reads as the sender matches the domain where the email actually comes from. An effective method to significantly reduce the risk of spoofing.

To know more: Computer security, guide to safe surfing on the web

Please visit our website for more information

LEAVE A REPLY

Please enter your comment!
Please enter your name here