Spoofing

Stay a step ahead of the scammers. Educate yourself on some of the most common frauds and scams.

What is spoofing and how does it work?

Spoofing is a cybercrime where someone disguises themselves as a trusted contact or brand in order to gain a victim’s trust so they can gain access to sensitive personal information. Spoofing comes in all forms - fake websites, fake emails and phony phone calls. Spoofing can also be more technical, where hackers set up fake IP Addresses, APRs (Address Resolution Protocols) and DNS (Domain Name System) servers.

What are the types of spoofing?

Like other forms of cybercrimes, spoofing takes many forms. Some of the most common types of spoofing are: 

  • Email spoofing:

    Email spoofing is a common, effective and dangerous form of spoofing. This type of spoofing happens when cybercriminals use spam and phishing attacks, to trick users into thinking that an email(s) came from a person or entity they either know or can trust. In spoofing attacks, the sender forges email headers so that client software displays the fraudulent sender address, which most users take at face value. Learn more about Phishing.

     

  • Website Spoofing:

    Website spoofing happens when cybercriminals create the exact (and false) replica of a trusted website, with the intention of misleading visitors to a phishing site, which in turn is used to collect personal and sensitive information, used for financial and other types of fraud.  Legitimate logos, fonts, colors and functionality are used to make the spoofed site look realistic.

     

  • URL Spoofing:

    The process of creating fake or false URLs which pose as legitimate websites is commonly known as URL spoofing. The spoofed URL is almost identical to the actual (real) URL, and is used to take the user to a fake/spoofed website which is a landmine for cybercrime such as financial fraud, social security fraud and more. 

     

  • Caller ID spoofing:

    This is a form of spoofing where the caller deliberately sends false information to change the caller ID. Most Caller ID spoofing is done using a VoIP (Voice over Internet Protocol) service or IP phone that uses VoIP to transmit calls over the internet. Some providers even offer spoofing services that work like a prepaid calling card.

     

  • Text message spoofing:

    SMS spoofing is a technique that allows us to change the sender information on a text sent via the short message service (SMS) system. SMS text messages are used by cell phones, personal digital assistants, and similar devices and are typically just known as text messages. Text message spoofing is used to send fake text messages to users that often try to get the user to click a link within the text message, which then leads them to phishing and smishing attacks.  Learn more about smishing and spam text messages.

     

  • GPS spoofing:

    Global navigation satellite systems (GNSS) have been around for years all over the world. Global Positioning Systems (GPS) is a part of the GNSS family. GPS spoofing happens when a cybercriminal uses a radio transmitter to send a false GPS signal to a GPS receiving antenna. Such attacks succeed because most GPS systems are programmed to receive and act upon the strongest GPS signal. So, in the case of GPS spoofing, the stronger fake signal overrides the weaker but legitimate satellite signal.  

     

  • Man-in-the-middle attacks:

    A man in the middle (MITM) attack is a general term for when a perpetrator positions himself in a conversation between a user and an application—either to eavesdrop or to impersonate one of the parties, making it appear as if a normal exchange of information is underway.

     

  • IP spoofing:

    Internet Protocol (IP) spoofing is both malicious and insidious. IP spoofing takes place when the threat actor (or cybercriminal) hides the true source of IP packets to make it difficult to know where they came from. The attacker creates packets, changing the source IP address to impersonate a different computer system, disguise the sender's identity or both.

     

  • ARP spoofing:

    ARP (Address Resolution Protocol) spoofing is when an attacker sends a fake message onto a local area network with the goal of associating the attacker’s with the of another host. This causes any traffic meant for that IP address to be sent to the attacker instead.

     

  • DNS spoofing

    DNS spoofing is a form of computer security hacking where a bad actor “poisons” entries on a DNS server to redirect its victim to a malicious website under the hacker’s control. This would allow them, for example, to cause your computer to visit their site when you attempt to visit verizon.com.  Public Wi-Fi environments are more vulnerable to DNS spoofing – and users need to exercise extreme caution before connecting to these networks.

     

  • MAC spoofing

    - Media Access Control (MAC) spoofing is an attack where fraudsters or paid hackers scan networks for valid and original . Once found, they are able to by-pass access control measures and copy all of the data without being identified. This can provide important details about applications in use and end-host .
IP Addresses

are internet addresses which are used to uniquely identify the connection of the network that devices are connected to.

    MAC Addresses

    Just like your house which has its own postal address, every device that is connected on any network has a Media Access Control (MAC) address, which is a physical address that uniquely identifies the device. The MAC address is a 12 digit number with colons and/or hyphens that can usually be found in your device settings or on the device itself.

      IP Address

      is an internet address which is used to uniquely identify the connection of the network that the device is connected to.

        MAC Address

        Just like your house which has its own postal address, every device that is connected on any network has a Media Access Control (MAC) address, which is a physical address that uniquely identifies the device. The MAC address is a 12 digit number with colons and/or hyphens that can usually be found in your device settings or on the device itself.

          How to prevent spoofing attacks.

          Protecting yourself against spoofing attacks is important. Here are some things you can do or not do to keep yourself safe from spoofing.  

          Do these things:

          • Make sure your spam filter is on. This will prevent most spoofed emails from coming into your inbox. 
          • Watch out for warning signs.  If the potential spoof attack contains signs of poor grammar or unusual sentence structure, it may be an illegitimate request. Also, be sure to double-check the URL address of a website or the email sender address. 
          • Confirm the information. If an email or call seems suspicious, send a message or make a call to the sender to confirm whether the  information you received is legitimate or not. If in doubt, do nothing. Do not click, download, respond or call back till you have been able to verify the authenticity of something that looks suspicious. 
          • Always hover before clicking. If a URL looks suspicious, hover your mouse over the link so that you’ll know exactly where the page is going to take you before you click on it. On a mobile device, press and hold down on any link and the full URL will appear.
          • Set up two-factor authentication. Setting up two-factor authentication is a great way to add another layer to your passcodes. However, it’s not completely foolproof, so ensure you’re considering other security precautions as well.
          • Invest in cybersecurity software. Installing cybersecurity software is the biggest defense when it comes to protecting yourself from scammers online. If you run into trouble, download malware removal or antivirus software to protect your computer from any malicious threats or viruses.   

          Don’t do these things.

          • Don’t click unfamiliar links or downloads.  If a link or download file doesn’t look legitimate, refrain from clicking on them. If they’re from an attacker, they’ll usually contain malware or other viruses that can infect your computer.
          • Don’t answer emails or calls from unrecognized senders.  Never give out personal and private information such as financial details, credit card information or your social security number, unless you are sure the request comes from a trusted and legitimate source. If the sender is unrecognizable, don’t answer the call or email. This can help prevent any communication with a potential scammer. 
          • Don’t use the same password over and over again.  Create stronger passwords for your logins that are harder for scammers to guess. Change them frequently in case a scammer gets a hold of one. Equally important — don’t use the same password for different accounts/services.

          How to report spoofing.

          If you think you’ve been spoofed, you can file a complaint with the FCC’s Consumer Complaint Center. You can also report fraud to the Federal Trade Commission. In addition, you can also contact your local police department if you’ve lost money due to spoofing.


          If you come across a Verizon website you believe is spoofed, please contact us.

          Spoofing questions and answers

          What is a spoofing attack?

          A Spoofing attack means that an untrustworthy or unknown form of communication disguised as a legitimate source is sent to customers of trusted institutions like a bank, popular brand or from public officials. The overall goal of spoofing is to get users to divulge their personal information.

          Can you detect spoofing?

          You can detect spoofing by watching out for the following indicators, which are signs you’re being spoofed:

           

           

          Spoofed websites:

          • Website does not have an SSL Certificate:  Look at the page URL you are on. Do you see the lock symbol? If you click on it you will be able to see if the  website is secure and has a valid SSL certificate.  Just beware that some fraudsters also have SSL certificates -  so other checks are needed.
          • The website does not use HTTPS protocol. Most legitimate websites always use HTTPS.  Always be suspicious of websites that use the old HTTP (no “s’)protocol which is less secure.
          • Your Password Manager does not appear.  Secure Password Management programs such as Dashland and Google are great at detecting spoofed sites.  If you happen to land on a spoofed website and your password manager does not prompt you to use it to fill in your information  - it is a good sign you are being spoofed.

           

          Spoofed Emails:

          Check your emails carefully. Look out for odd domains from the sender, embedded links that have unusual URLs, emails with typos, bad grammar or poor layout, or zipped attachments. 

           

          Spoofed Phone Calls 

          Caller IDs are easily spoofed.  This is true especially for landlines. Scammers will use spoofed numbers that show up being a caller from your hometown - making you more likely to pick up the phone.  The best way to manage this is to let all calls from unknown callers go to voicemail.

           

          What is an example of spoofing?

           Banks, trusted brands, and even local law enforcement are frequent targets of spoofing scams - because these entities are most trusted by consumers. Here are a few recent examples of spoofing attacks.

           

          What are common types of spoofing?

          Spoofing attacks come in many forms, the most common types include:

          Email Spoofing

          Domain or URL Spoofing

          Text Message Spoofing

          Caller ID Spoofing

          DNS Cache Poisoning or DNS Spoofing

          Address Resolution Protocol (ARP) Spoofing

          IP Spoofing

          GPS Spoofing

          Man-in-the-middle (MitM) attack

          Facial Spoofing

          DDoS Spoofing

          Extensions Spoofing

          What is the difference between spoofing versus phishing?

          The difference between spoofing and phishing is that spoofing is something a phisher uses to make a phishing attempt seem more legitimate. The Phisher will craft an email or phone script that uses spoofed URLs, websites or  phone numbers to make the pitch more believable.