In terms of network security, Spoofing refers to the technique in which an illegitimate user, usually with malicious intentions, pretends to be a different person by illegally entering other person account or secure system.
Types of Spoofing
- IP Spoofing
- ARP Spoofing
- DNS Spoofing
- WEB Spoofing
- E-mail Spoofing
- GPS Spoofing
Usually, In IP spoofing or host file hijack, the malicious user masquerades as the legitimate host to gain access to an account or network or cause damage. Usually, the hijacker obtains the IP address of the real host and change packet headers; this way the real host appears to be the source.
Methods include faking the sending address of a transmission in order to gain illegal entry into a secure system, and making a website seem authentic to collect passwords and login names.
Purpose of spoofing
- to gain access to a resource or website they could not otherwise access
- to manipulate unsuspecting users to give them account login credentials
- to embarrass or cause other damage to a company or person by committing negative acts while masquerading as them (for example sending virus-ridden emails while masquerading as a Symantec employee)