What is a spoofing virus

Cybersecurity Basics. What is a spoofing attack? For Home View all Malwarebytes products. Spoofing, as it pertains to cybersecurity, is when someone or something pretends to be something else in an attempt to gain our confidence, get access to our systems, steal data, steal money, or spread malware. Spoofing attacks come in many forms, including:. So how do the cybercriminals fool us? Often times, merely invoking the name of a big, trusted organization is enough to get us to give up information or take some kind of action.

For example, a spoofed email from PayPal or Amazon might inquire about purchases you never made. Concerned about your account, you might be motivated to click the included link. From that malicious link, scammers will send you to a web page with a malware download or a faked login page—complete with a familiar logo and spoofed URL —for the purpose of harvesting your username and password.

There are many more ways a spoofing attack can play out. In all of them, fraudsters rely on victims falling for the fake. If you never doubt the legitimacy of a website and never suspect an email of being faked, then you could become a victim of a spoofing attack at some point. To that end, this page is all about spoofing. We'll educate you on the types of spoofs, how spoofing works, how to discern legitimate emails and websites from fake ones, and how to avoid becoming a target for fraudsters.

Email spoofing is the act of sending emails with false sender addresses, usually as part of a phishing attack designed to steal your information, infect your computer with malware or just ask for money. Typical payloads for malicious emails include ransomware , adware , cryptojackers , Trojans like Emotet , or malware that enslaves your computer in a botnet see DDoS. But a spoofed email address isn't always enough to fool the average person.

Imagine getting a phishing email with what looks like a Facebook address in the sender field, but the body of the email is written in basic text, no design or HTML to speak of—not even a logo. That's not something we're accustomed to receiving from Facebook, and it should raise some red flags.

Accordingly, phishing emails will typically include a combination of deceptive features:. Email spoofing plays a critical role in sextortion scams.

These scams trick us into thinking our webcams have been hijacked with spyware and used to record us watching porn. These spoofed emails will say something like "I've been watching you watch porn," which is an incredibly weird thing to say. Who's the real creep in this scenario? The scammers then demand some amount of Bitcoin or other cryptocurrency or else they will send the video to all your contacts. To create the impression of legitimacy the emails may also include an outdated password from some previous data breach.

The spoof comes into play when the scammers disguise the email sender field to look as if it's being sent from your supposedly breached email account. Rest assured, chances are no one is actually watching you. Website spoofing is all about making a malicious website look like a legitimate one. The spoofed site will look like the login page for a website you frequent—down to the branding, user interface, and even a spoofed domain name that looks the same at first glance.

Cybercriminals use spoofed websites to capture your username and password aka login spoofing or drop malware onto your computer a drive-by download. A spoofed website will generally be used in conjunction with an email spoof, in which the email will link to the website. It's also worth noting that a spoofed website isn't the same as a hacked website. In the case of a website hacking , the real website has been compromised and taken over by cybercriminals—no spoofing or faking involved.

Likewise, malvertising is its own brand of malware. In this case, cybercriminals have taken advantage of legitimate advertising channels to display malicious ads on trusted websites. These ads secretly load malware onto the victim's computer.

Caller ID spoofing happens when scammers fool your caller ID by making the call appear to be coming from somewhere it isn't. Scammers have learned that you're more likely to answer the phone if the caller ID shows an area code the same or near your own.

In some cases, scammers will even spoof the first few digits of your phone number in addition to the area code to create the impression that the call is originating from your neighborhood aka neighbor spoofing. Text message spoofing or SMS spoofing is sending a text message with someone else's phone number or sender ID.

If you've ever sent a text message from your laptop, you've spoofed your own phone number in order to send the text, because the text did not actually originate from your phone. Companies frequently spoof their own numbers, for the purposes of marketing and convenience to the consumer, by replacing the long number with a short and easy to remember alphanumeric sender ID.

Scammers do the same thing—hide their true identity behind an alphanumeric sender ID, often posing as a legitimate company or organization. The spoofed texts will often include links to SMS phishing sites smishing or malware downloads.

Text message scammers can take advantage of the job market by posing as staffing agencies, sending victims to-good-to-be-true job offers. In one example , a work from home position at Amazon included a "Brand new Toyota Corrola. Second, is a Toyota "Corrola" a generic version of the Toyota Corolla? Nice try, scammers. GPS spoofing occurs when you trick your device's GPS into thinking you're in one location, when you're actually in another location.

Facial recognition technology is used to unlock mobile devices and laptops and increasingly in other areas, such as law enforcement, airport security, healthcare, education, marketing, and advertising. Most facial recognition anti-spoofing methods involve Liveliness Detection. This determines whether a face is live or a false reproduction.

There are two techniques involved:. In general, following these online safety tips will help to minimize your exposure to spoofing attacks:. Other jurisdictions around the world have similar bodies with their own complaints procedures.

If you have lost money due to spoofing, you can involve law enforcement. The best way to stay safe online is by a robust antivirus software solution. We recommend Kaspersky Total Security : a well-rounded cybersecurity package that will protect you and your family online and ensure a safer internet experience. We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.

What is spoofing? How does spoofing work? Types of spoofing Email spoofing Among the most widely-used attacks , email spoofing occurs when the sender forges email headers to that client software displays the fraudulent sender address, which most users take at face value.

However, ordinary users can take simple steps to reduce the risk of an email spoofing attack by choosing a secure email provider and practicing good cybersecurity hygiene: Use throwaway email accounts when registering for sites.

This reduces the risk of your private email address appearing in lists used for sending spoofed email messages in bulk. Make sure your email password is strong and complex. A strong password makes it harder for criminals to access your account and use it to send malicious emails from your account.

If you can, inspect the email header. This will depend on the email service you are using and will only work on desktop. The email header contains metadata on how the email was routed to you and where it came from. Switch on your spam filter. This should prevent most spoofed emails from coming into your inbox.

IP spoofing Whereas email spoofing focuses on the user, IP spoofing is primarily aimed at a network. How to prevent IP spoofing — tips for website owners: Monitor networks for unusual activity. Use packet filtering systems capable of detecting inconsistencies, such as outgoing packets with source IP addresses that don't match those on the network.

Use verification methods for all remote access even among networked computers. Authenticate all IP addresses. Use a network attack blocker. Ensure at least some computer resources are behind a firewall. Website spoofing Website spoofing — also known as URL spoofing — is when scammers make a fraudulent website resemble a legitimate one. How to avoid website spoofing: Look at the address bar — a spoofed website is unlikely to be secured. This means that the site has an up-to-date security certificate.

Look out for poor spelling or grammar, or logos or colors which may appear slightly wrong. Try a password manager — software used to autofill login credentials does not work on spoofed websites. If the software doesn't automatically complete the password and username fields, it could indicate that the website is spoofed.

Caller ID or phone spoofing Caller ID spoofing — sometimes called phone spoofing — is when scammers deliberately falsify the information sent to your caller ID to disguise their identity. How to stop someone from spoofing my phone number: Check to see if your phone carrier has a service or app that helps identify or filter out spam calls. You can consider using third-party apps to help block spam calls — but be aware that you will be sharing private data with them.

Use secure encryption protocols to secure traffic to and from your server. Be wary of phishing emails from attackers asking you to update your password or any other login credentials or payment card data, along with taking actions like making donations. Phishing emails have been a tool for cybercriminals during the coronavirus pandemic. Some of these spoofing emails promise the latest COVID information, while others ask for donations.

Take steps that will help make browsing the web safer. That includes not surfing the web on unsecure, public Wi-Fi. If you must visit public hotspots, use a virtual private network, or VPN, that encrypts your internet connection to protect the private data you send and receive.

Security software solutions that include a VPN can help. Updating your software ensures it has the latest encryption, authentication, and security patches. Set up a firewall to help protect your network by filtering traffic with spoofed IP addresses, verifying that traffic, and blocking access by unauthorized outsiders. This will help authenticate IP addresses.

Secure your home Wi-Fi network. This involves updating the default usernames and passwords on your home router and all connected devices with strong, unique passwords that are a combination of 12 uppercase and lowercase letters, at least one symbol and at least one number. Another approach is using long passphrases that you can remember but would be hard for others to guess.

Monitor your network for suspicious activity. Use packet filtering systems like ingress filtering, which is a computer networking technique that helps to ensure the incoming packets are from trusted sources, not hackers.

Types of spoofing Spoofing attacks can take place at different layers, as seen in these types of spoofing. IP address spoofing — happens at the network level. Domain Name System DNS spoofing — diverts internet traffic away from legitimate servers to fake servers.

Attackers are able to masquerade as other devices with DNS spoofing. While IP spoofing has been a threat to cybersecurity, the coronavirus pandemic has created new opportunities for carrying it out in the form of spoofing emails. Legitimate uses for IP spoofing IP spoofing also may be used by companies in non-malicious ways. How easy is IP spoofing? Can IP spoofing be traced? Can IP spoofing be stopped? Join today. Cancel anytime. Start Free Trial. Editorial note: Our articles provide educational information for you.

NortonLifeLock offerings may not cover or protect against every type of crime, fraud, or threat we write about.