Skip to main content


Home Domain spoofing

Domain spoofing

(also URL spoofing, website spoofing)

Domain spoofing definition

Domain spoofing is a type of cyberattack where the attacker creates a fake website or email address that closely mimics a legitimate one. The primary objective of domain spoofing is to trick users into thinking they are interacting with a trusted site or sender, which can lead to actions such as disclosing sensitive information, downloading malware, or becoming a victim of a phishing attack.

See also: angler phishing, email spoofing

Domain spoofing examples

  • Website spoofing: Cybercriminals set up fraudulent websites that appear identical to legitimate ones, hoping to steal users' credentials or other sensitive information.
  • Email spoofing: Attackers fake the sender address of an email, aiming to trick the receiver into clicking a malicious link or downloading an infected attachment.

Preventing domain spoofing

  • Always verify the URL of a website before entering any sensitive information.
  • Be cautious of unsolicited emails, especially ones that ask for personal information or prompt clicking on a link.
  • Use secure and updated browsers that can detect and warn against spoofed websites.