|
In general the term spoof refers to a type of hacking or
deception technique that
imitates another person, software program, hardware device, or
computer, with the intentions of bypassing security
measures. One of the most commonly known types of spoofing
is IP spoofing.
IP spoofing
A method of bypassing
security measures on a network or a method of gaining access to a network
by imitating a different IP address. Some
security systems have a method of helping to identifying a user by
his or her IP address or IP address range. If the attacker spoofs
their IP address to match this criteria it may help bypass security
measures. This technique is also used to deceive a web page,
poll, or other Internet contest into thinking the user is someone
else allowing him or her to get more hits or falsely increase a
votes rank.
E-mail or address spoofing
Process of faking a senders e-mail address. This type
of spoofing is used to fool the recipient of the e-mail into
thinking someone else actually sent them the message. This is
commonly used to bypass spam filters or to
trick the user into thinking the e-mail is safe when in reality it
contains an attachment that is infected with a
virus or spam.
- See document CH001065 for additional information about why you may be getting bounce back e-mails from e-mail you didn't send.
Web page spoof
A fake web page or
spoof on another commonly visited page. For example a malicious user
may create a spoof page of Microsoft's, eBay, PayPal or Google's
home page that looks identical but is hosted on a different server.
These type of pages are commonly used in
phishing e-mails to extract information from the user such as
usernames and passwords or to send malicious files to them.
Also see: IP,
Joe Job, Network
definitions, Security definitions,
Underground
|
