“Spoofing” is one of our industry’s more technical terms. In a broad sense, spoofing in technology means taking on an appearance or identity of something trusted. Some of the more common types of technology spoofing include MAC address, phone caller ID, email address, email content, and GPS spoofing. Each of these exploits uses technology to transform the real values of the criminals system to a value the criminal believes will trick the unsuspecting victim into clicking. Spoofing is made possible because most communications starts with the sending system providing identification information to the receiving system. The nature of network communications allows the sending system to modify the information being sent to change its identity.
One of the more common spoofs that gets reported to us is email address identity theft. In this type of spoof, the criminal mines dark web databases for valid email addresses. The criminal then uses the email addresses to send spam emails. By using a known valid email address, spam emails are able to circumvent spam filters. The carefully crafted email, with a believable message, is modified by special software that changes the sender from firstname.lastname@example.org to email@example.com. Since the spoofing occurs at the criminal’s place of business, there is no way to stop the usage of the victim’s email address. We often get calls from clients complaining of thousands of bounce backs to their email when one of these spoofing attacks is underway. There is nothing that can be done to stop these attacks. In these cases we can only modify spam filter rules to keep the bounces from flooding client’s email boxes. Email services have been getting smarter about identifying and stopping these types of spoofing attacks, but they are still common.
A more recent and annoying spoofing attack is against cell phones. The criminals spoof phone numbers and caller IDs to make it look like they are calling from a trusted location or source. The criminal uses this attack to trick the victim into answering the phone and then sharing sensitive personal information or installing software to allow the criminals access to their computing resources. This spoofing attack has become so wide spread and common, I don’t answer calls with any caller ID that doesn’t authenticate in my contact list. If the criminals ever get my contact list, it will be time to stop answering the phone!
A recently reported spoof concerns the spoofing of GPS location information. The spoof was first reported by the US Navy in 2017 in the Baltic Sea when their GPS location was miles from their physical location. In tracking down the disparity, the Navy was able to identify land-based GPS transmitters that were sending the tracking data to the ships. Follow-up reports noted that GPS coordinates around the Kremlin change whenever Putin is in town. In a recent trip to Long Island, my GPS had some serious problems figuring out which road I was on. I wonder...
Click HERE for more information.