spoofed URL describes one website that poses as another website. It sometimes applies a mechanism that exploits bugs in a web browser technology, allowing a malicious computer attack. Such attacks are most effective against computers that lack recent security patches. Others are designed for the purpose of a parody .

Such During an attack, a computer user visits a website Innocently and Sees a familiar URL in the address bar Such As http://www.wikipedia.org goal is, in reality, sending information to an Entirely different rental That Would Typically be monitored by an information thief. When it is called a fraudulent website, it is called phishing .

The user is typically enticed to the false website from an email or a hyperlink from another website.

In another variation, a website may look like the original, but is in fact a parody of it. These are mostly harmless, and they are more noticeably different from the original, as they usually do not exploit bugs in web browsertechnology.

This can also be taken in a hosts file . It can redirect a site (s) to another IP, which could be a spoofed website.

Cyber ​​security

Spoofing is the act of deception or hoaxing. [1] URLs are the address of a resource (as a document or Web site) on the Internet that consists of a communications protocol (1). file names). [2] Simply, a spoofed URL is a web address that illuminates a huge amount of deception through its ability to appear as an original site, despite it not being one. In order to prevent a fall victim to the prevalent scams, the main software companies have come forward and advised techniques to detect and prevent spoofed URLs.

Ssl handshake with two way

Detection

In this case, credit card information, bank account / routing numbers, and one’s telephone number, home address, etc. it is important to learn and understand how these spoof websites can be detected. It is very important to first verify the name of the site on a digital certification through the use of SSL / TLS . Always try to identify the URL for the web page you are on. Make sure you are able to see the full URL for any hyperlink, so that you can examine the address. Some characters that are commonly found in the URL of a spoofed web page are:% 00,% 01, @. Sometimes spoofed web sites can differ by a single letter or number in the URL. In addition, set your Internet security level to be safe from your computer is protected from possible attacks from spoofed sites. In general, only input personal information on a web site if the name has been verified on the digital certificate. Also, if you have any concerns about the confidentiality of a website leave the page immediately. [3]

Prevention

Spoofed URL , a universal defining identity for phishing scams, a serious threat to end-users and commercial institutions. Email continues to be used as a vehicle to perpetuate such scams due to its widespread use combined with the ability to easily spoof them. [4] Several approaches, both generic and specialized, have been proposed to address this problem. However, phishing techniques, growing in ingenuity and sophistication, render these solutions weak. In order to prevent prevention from future victimization users stemmed from a spoofed URL, Internet vigilantes -have published Numerous tips to help users Identify a spoof.

Reviews The most common are: using authentication based one key exchange entre les machinery is your network , using an access control list to deny private IP addresses are your downstream interface Implementing filters of Both inbound and outbound traffic, Configuring routers and switches If They Support Such configuration, to reject packets originating from within the network, and enabling encryption sessions that are trusted that your network can securely communicate with your local hosts. [5]Ultimately, protection comes from the individual user. Keeping up with new spoofing techniques or scams will be more important than ever.

Susceptible targets

PayPal , an e-commerce business allows money transactions to be made through the Internet and is a common target for Spoofed URLs. This forgery of a legitimate PayPal website Allows hackers to gain personal and financial information and THUS, steal money through fraud. Along with spoof or fake emails that appear with generic greetings, misspellings, and a false sense of urgency, spoofed URLs are an easy way to hackers to violate one’s PayPal privacy. To fight these deceptive URLs, make sure to only enter your PayPal password on PayPal pages that begin with https://www.paypal.com/, and, a spoof URL might contain the word PayPal, it does not mean it should be trusted. For example, www.paypalsecure.com, including the name, but is a spoof URL designed to deceive. Remember to always log into PayPal through a new window browser and never log in through email. In the case that you do not have a password Spoof website, email and forward the entire email to spoof@PayPal.com to help prevent the PayPal users. [6]

Common crimes

A major crime associated with Spoofed URLs is identity theft . The thief will make a spoofed web site , it will look almost identical. Then, if they are going to pay attention, they will inadvertently give their credit card and identity information. The websites will be post products at “too good to be true” prices, and lure those who are new to the internet and looking for a good deal. Crimes like these happen quite often, and most frequently occur during the heaviest trafficked online shopping period of the year, between the holidays of ThanksgivingandChristmas . [7] Another crime associated with Spoofed URL is a fake anti-malware software. An example of this would be Ransomware , a fake anti-malware software that locks up important files for the computer to run, and forces the user to pay a ransom to get the files back. If the user refuses to pay, after a certain period of time, the Ransomware will delete the files of the computer, causing the computer to crash. These programs usually come to life on social networks like Facebook, Twitter and Facebook . Also, these can come up as attachments in emails tied to phishing. phishing Scams are also another major way that users can get tricked into scams (see below).

Phishing

Phishing is a scam by which an e-mail user is duped into revealing personal or confidential information which the scammer can use illicitly. [8] Phishing is the action of fraudsters sending an email to an individual, hoping to seek private information. Phishing is performing through emails containing a Spoofed URL, which links them to a Web site. Since it usually appears in the form of an email, it is crucial to not rely on phishing. Computer users should also look for spelling mistakes within the websites. [9]The Web site whose URLs are in the e-mails. This information often includes passwords, credit card numbers, social security, and bank account numbers. In turn the email recipients are giving their fake businesses

See also

  • Computer insecurity
  • Hosts File
  • IDN homograph attack
  • Internet fraud prevention
  • Social engineering (computer security)
  • Spoofing attack

References

  1. Jump up^ “Spoof” . Merriam-Webster . Retrieved 2014-03-07 .
  2. Jump up^ “URL” . Merriam-Webster . Retrieved 2014-03-07 .
  3. Jump up^ “Steps that you can take to help identify and to help protect yourself from deceptive (spoofed) Web sites and malicious hyperlinks” . Microsoft . Retrieved 2014-03-18 .
  4. Jump up^ Chandrasekaran, Madhusudhanan. Phoney: Mimicking User Response to Detecting Phishing Attacks . pp. 1-15.
  5. Jump up^ Hassel, Jonathan. “Prevent IP Spoofing” . Retrieved 2014-03-09 .
  6. Jump up^ “10 ways to recognize fake (spoof) emails” . PayPal . Retrieved 2014-03-19 .
  7. Jump up^ “New E-Scams and Warnings” . Federal Bureau of Investigation . Retrieved 2014-03-18 .
  8. Jump up^ “Phishing” . Meriam-Webster . Retrieved 2014-03-19 .
  9. Jump up^ “Phishing, Spoofing, Vishing” . https.in Blog.