Spoofing Attacks

It is one of those tricks by which an attacker can get access to the whole computer system or server of an organization and steal all the essential data, which can result in demolishing the reputation

Overview

Spoofing is the act of disguising a communication from an unknown source as being from a known, trusted source. Spoofing can apply to emails, phone calls, and websites, or can be more technical, such as a computer spoofing an IP address, Address Resolution Protocol (ARP), or Domain Name System (DNS) server.

Spoofing can be used to gain access to a target’s personal information, spread malware through infected links or attachments, bypass network access controls, or redistribute traffic to conduct a denial-of-service attack. Spoofing is often the way a bad actor gains access in order to execute a larger cyber attack such as an advanced persistent threat or a man-in-the-middle attack.

Successful attacks on organizations can lead to infected computer systems and networks, data breaches, and/or loss of revenue—all liable to affect the organization’s public reputation. In addition, spoofing that leads to the rerouting of internet traffic can overwhelm networks or lead customers/clients to malicious sites aimed at stealing information or distributing malware.

Types of Spoofing Attacks

ARP Spoofing

Address Resolution Protocol (ARP) poisoning is an attack that involves sending spoofed ARP messages over a local area network. It’s also known as ARP spoofing, ARP poison routing and ARP cache poisoning.

These attacks attempt to divert traffic from its originally intended host to an attacker instead. ARP poisoning does this by associating the attacker’s Media Access Control (MAC) address with the IP address of the target. It only works against networks that use ARP.

ARP poisoning is a type of Man-in-the-Middle attack that can be used to stop network traffic, change it, or intercept it. The technique is often used to initiate further offensives, such as session hijacking or denial-of-service.

Reference Links:

PreviousMITRE ATT&CK FrameworkNextSSL

Last updated