Spoofing

Spoofing is the act of impersonating a legitimate source by forging the sender’s info. This legitimate source could be a business, colleague, other trusted contacts.

This is done to manipulate the user to do something beneficial to the attacker, but detrimental to the user.

Elements

There are 2 elements involved :

• Spoof : A fake email or website
• Social-engineering : Nudging and manipulating the user to take action

Types

• Email spoofing : Sender forges email headers to appear legitimate. This relies heavily on social-engineering.
• IP spoofing : Attacker takes a legitimate host’s IP address, alters the packet headers sent from their system and gain unauthorised access to a system by sending messages with it.
• Called ID spoofing : Scammer falsifies info sent to your caller ID using Voice over Internet Protocol [VoIP].