HOME

TheInfoList



Click Here for Items Related To - website spoofing
OR:
website spoofing on:   [Wikipedia]   [Google]   [Amazon]

Website spoofing is the act of creating a
website A website (also written as a web site) is a collection of web pages and related content that is identified by a common domain name and published on at least one web server. Examples of notable websites are Google, Facebook, Amazon, and Wi ...
with the intention of misleading readers that the website has been created by a different person or organization. Normally, the spoof website will adopt the design of the target website, and it sometimes has a similar URL. A more sophisticated attack results in an attacker creating a "shadow copy" of the
World Wide Web The World Wide Web (WWW), commonly known as the Web, is an information system enabling documents and other web resources to be accessed over the Internet. Documents and downloadable media are made available to the network through web ...
by having all of the victim's traffic go through the attacker's machine, causing the attacker to obtain the victim's sensitive information. Another technique is to use a 'cloaked' URL. By using
domain forwarding URL redirection, also called URL forwarding, is a World Wide Web technique for making a web page available under more than one URL address. When a web browser attempts to open a URL that has been redirected, a page with a different URL is opened ...
, or inserting
control character In computing and telecommunication, a control character or non-printing character (NPC) is a code point (a number) in a character set, that does not represent a written symbol. They are used as in-band signaling to cause effects other than the ...
s, the URL can appear to be genuine while concealing the actual address of the malicious website.
Punycode Punycode is a representation of Unicode with the limited ASCII character subset used for Internet hostnames. Using Punycode, host names containing Unicode characters are transcoded to a subset of ASCII consisting of letters, digits, and hyphens, wh ...
can also be used for this purpose. Punycode-based attacks exploit the similar characters in different writing systems in common fonts. For example, on one large font, the greek letter tau (τ) is similar in appearance to the latin undercase letter t. However, the greek letter tau is represented in punycode as 5xa, while the latin undercase letter is simply represented as t, since it is present on the ASCII system. In 2017, a security researcher managed to register the domain xn--80ak6aa92e.com and have it show on several mainstream browsers as apple.com. While the characters used didn't belong to the latin script, due to the default font on those browsers, the end result was non-latin characters that were indistinguishable from those on the latin script. The objective may be fraudulent, often associated with
phishing Phishing is a type of social engineering where an attacker sends a fraudulent (e.g., spoofed, fake, or otherwise deceptive) message designed to trick a person into revealing sensitive information to the attacker or to deploy malicious softwa ...
or
e-mail spoofing Email spoofing is the creation of email messages with a forged sender address. The term applies to email purporting to be from an address which is not actually the sender's; mail sent in reply to that address may bounce or be delivered to an unr ...
, or to criticize or make fun of the person or body whose website the spoofed site purports to represent. Because the purpose is often malicious, "spoof" (an expression whose base meaning is innocent parody) is a poor term for this activity so that more accountable organisations such as government departments and banks tend to avoid it, preferring more explicit descriptors such as "fraudulent" or "phishing". As an example of the use of this technique to
parody A parody, also known as a spoof, a satire, a send-up, a take-off, a lampoon, a play on (something), or a caricature, is a creative work designed to imitate, comment on, and/or mock its subject by means of satiric or ironic imitation. Often its sub ...
an organisation, in November 2006 two spoof websites, www.msfirefox.com and www.msfirefox.net, were produced claiming that
Microsoft Microsoft Corporation is an American multinational technology corporation producing computer software, consumer electronics, personal computers, and related services headquartered at the Microsoft Redmond campus located in Redmond, Washin ...
had bought
Firefox Mozilla Firefox, or simply Firefox, is a free and open-source web browser developed by the Mozilla Foundation and its subsidiary, the Mozilla Corporation. It uses the Gecko rendering engine to display web pages, which implements current ...
and released "Microsoft Firefox 2007."


Prevention tools


Anti-phishing software

Spoofed websites predominate in efforts developing
anti-phishing software Anti-phishing software consists of computer programs that attempt to identify phishing content contained in websites, e-mail, or other forms used to accessing data (usually from the internet) and block the content, usually with a warning to the user ...
though there are concerns about their effectiveness. A majority of efforts are focused on the PC market leaving mobile devices lacking You can see from the table below that few user studies have been run against the current tools in the market.


DNS filtering

DNS is the layer at which
botnet A botnet is a group of Internet-connected devices, each of which runs one or more bots. Botnets can be used to perform Distributed Denial-of-Service (DDoS) attacks, steal data, send spam, and allow the attacker to access the device and its conn ...
s control drones. In 2006,
OpenDNS OpenDNS is an American company providing Domain Name System (DNS) resolution services—with features such as phishing protection, optional content filtering, and DNS lookup in its DNS servers—and a cloud computing security product suite, Umbre ...
began offering a free service to prevent users from entering website spoofing sites. Essentially, OpenDNS has gathered a large database from various anti-phishing and anti-botnet organizations as well as its own data to compile a list of known website spoofing offenders. When a user attempts to access one of these bad websites, they are blocked at the DNS level.
APWG The Anti-Phishing Working Group (APWG) is an international consortium that attempts to eliminate fraud and identity theft caused by phishing and related incidents It brings together businesses affected by phishing attacks: security products and se ...
statistics show that most phishing attacks use URLs, not domain names, so there would be a large amount of website spoofing that OpenDNS would be unable to track. At the time of release, OpenDNS is unable to prevent unnamed phishing exploits that sit on Yahoo, Google etc.


See also

* * * * * *


References

{{Reflist Social engineering (computer security) Internet terminology Internet hoaxes