Hackers use different techniques to access our data and steal personal data; one of the most used techniques is spoofing. Spoofing techniques in recent years have become very refined and difficult to identify, to the point that more and more security suites provide protection modules dedicated only to these techniques, such as Norton 360 Deluxe by Norton LifeLock, for example. In the following chapters, you can find a complete explanation of what spoofing is, how an attack is carried out, how to recognize an attack and how to defend yourself effectively, increasing security while surfing the net and managing e-mail messages.
What Is Spoofing In Computer Science
Spoofing is a type of computer attack based on identity forgery: hence the use of the term spoof, which in English means “deception, teasing”. This attack is carried out by manipulating the information displayed to the unsuspecting user, who can be attacked by visiting a certain site, accessing an Internet service or making a simple phone call. Technically speaking, spoofing can occur at any layer of the OSI model, although most of today’s attacks are conducted at the application layer (although there are also network and link layer attacks).
How A Spoofing Attack Works
A spoofing attack can be carried out with very different techniques, which have the same objective. Here is a list of the various ways a spoofing attack can occur.
- Phone Spoofing: In this type of attack, you make calls or text your victims, posing as someone else.
- E-mail spoofing: in this type of attack, fake emails are sent, with logos and signatures of real companies, to deceive the recipient. Phishing is also used for these emails since they leverage real information to deceive the unsuspecting user.
- IP Spoofing: with this type of attack, the attacker modifies his device to show a secure IP on the network; by doing so, it can receive packets instead of the PC to be attacked or send modified packets to the target PC.
- ARP spoofing: with this type of attack (much more sophisticated than the previous IP Spoofing), the attacker modifies the device to divert ARP requests, to intercept all data passing through the network. The target is usually the router (which the criminal wants to replace), which must have special defenses to protect itself effectively.
- DNS Spoofing: with this type of attack, DNS requests are modified, making web requests to phishing and scam sites (often completely similar to the originals) pass as legitimate. Usually, it is combined with other types of attacks to pass under trace undisturbed (a common browser could detect tampered sites or invalid certificates of HTTPS sites).
- Website spoofing: by combining the spoofing techniques seen so far, the attacker can attack this type, in which a legitimate web page is replaced by a counterfeit web page (but very similar to the original) to capture personal information, login credentials and credit cards.
- Caller ID spoofing: this attack is carried out on mobile devices by changing the identifier of the calling number. This way, the attacker can pass for a reliable company or assistance service without arousing suspicion. Both traditional calls and calls via the Internet (i.e. VoIP calls on messaging apps such as WhatsApp or similar) are exposed.
- GPS Spoofing: with this attack, the GPS coordinates of the device in use are modified to deceive the localization systems included in the operating systems and within the browsers.
- Man-in-the-Middle: the MITM or Man-in-the-Middle attack can be considered a spoofing attack, given that the attacker intervenes in the communication between two PCs or between two network devices to intercept the traffic in both directions.
These types of attacks are carried out daily. In most cases, the user doesn’t even notice it or does it only when it’s too late, realizing that he has suffered a theft of identity, password or money from his credit card.
How To Recognize An Attack And How To Defend Yourself
Recognizing an SMS or email spoofing attack is relatively easy but requires some attention. Usually, messages related to spoofing have grammar errors, typos or sentences not written in correct Italian, which can arouse some suspicion in the most attentive users. For the average user, generally more distracted and less focused on the form of the messages received, it becomes difficult to recognize an attack carried out through Caller ID spoofing or through an email spoofing expert.
In this case, the nature of the request may take time to clear, and you could respond without thinking too much, making the attack by the attacker much easier. There are spoofing attacks that are so complex and well-crafted that they can’t be identified or stopped by sheer attention or experience. In these cases, it is advisable to preventively use protection software equipped with scanning modules or systems capable of blocking spoofing attacks.
How To Prevent Spoofing
The best method to prevent all spoofing attacks is to use a reliable protection system like Norton 360 Deluxe. Using this security suite gives you an optimal level of protection against most existing cyber threats, including spoofing attacks. Specifically, the suite proposed by Norton LifeLock provides the following:
- antivirus with advanced security, capable of protecting against existing and emerging online threats and safeguarding confidential and financial information
- monitoring of suspicious emails and links to stop any phishing attack in the bud (without having to open the content)
- Scanning module with artificial intelligence (AI) technology, great for machine learning of techniques and threats carried out through spoofing.
- Norton Smart Firewall, which monitors network traffic sent and received on your computer, identifying suspicious traffic (particularly that generated through IP spoofing, ARP spoofing, and Website spoofing)
- PC backup on the cloud, useful for recovering files deleted or blocked by the heaviest attacks, to be able to resume work without wasting time and money
- Password manager to protect all site accounts and prevent email spoofing attacks.
To complete the protection package, we find:
- Secure virtual private network (VPN), especially recommended for preventing DNS Spoofing, Website spoofing and Man-in-the-Middle attacks
- SafeCam module for PC to prevent the webcam from being spied on
- Parental control for the protection of minors connected to the web.
Norton 360 Deluxe is available as a subscription for €34.99 for one year, with the option of including up to 5 fixed and mobile devices (PCs, Macs, smartphones and tablets) in the protection; at the end of the first year, the price will increase to €94.99. Alternatively, you can choose the two-year subscription for €79.99; in this case, the subscription price then goes down to €94.99. For higher level protection, you can focus instead on Norton 360 Premium, one of the best protection systems currently available for PCs. For the Premium version, the subscription price is €44.99 for the first year, after which the price will be €104.99.