(also URL spoofing, website spoofing)
Domain spoofing definition
Domain spoofing is a type of cyberattack where the attacker creates a fake website or email address that closely mimics a legitimate one. The primary objective of domain spoofing is to trick users into thinking they are interacting with a trusted site or sender, which can lead to actions such as disclosing sensitive information, downloading malware, or becoming a victim of a phishing attack.
Domain spoofing examples
- Website spoofing: Cybercriminals set up fraudulent websites that appear identical to legitimate ones, hoping to steal users’ credentials or other sensitive information.
- Email spoofing: Attackers fake the sender address of an email, aiming to trick the receiver into clicking a malicious link or downloading an infected attachment.
Preventing domain spoofing
- Always verify the URL of a website before entering any sensitive information.
- Be cautious of unsolicited emails, especially ones that ask for personal information or prompt you to click a link.
- Use a secure, up-to-date browser that can detect and warn about spoofed websites.
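
The URL check in the first tip can be automated when the set of legitimate sites is known. The following is an added example, not part of the original entry: the trusted list, function names and sample hostnames are constructed assumptions, and it goes slightly beyond the text by also flagging encoded internationalized hostnames for review.

```python
from urllib.parse import urlsplit

# Assumption: constructed list of domains the user legitimately uses.
TRUSTED = ("example-bank.com", "example.com")

def hostname(url):
    """Host the browser would actually connect to (lowercased, no port or userinfo)."""
    return (urlsplit(url).hostname or "").rstrip(".")

def edit_distance(a, b):
    """Levenshtein distance, used to catch one- or two-character lookalikes."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def check_url(url, trusted=TRUSTED):
    """Return 'trusted', 'unknown', or 'suspicious: <reason>' for a URL."""
    host = hostname(url)
    if not host:
        return "suspicious: no hostname"
    # Only the registered domain or its own subdomains count as trusted.
    if any(host == t or host.endswith("." + t) for t in trusted):
        return "trusted"
    # Non-ASCII or punycode labels can render like a familiar name.
    if not host.isascii() or any(p.startswith("xn--") for p in host.split(".")):
        return "suspicious: internationalized hostname, review manually"
    for t in trusted:
        # Trusted name used as a leading label of some other domain.
        if f".{t}." in f".{host}.":
            return f"suspicious: {t} embedded in another domain"
        # Near-miss spelling of a trusted domain.
        if edit_distance(host, t) <= 2:
            return f"suspicious: resembles {t}"
    return "unknown"

if __name__ == "__main__":
    # Constructed sample URLs, not taken from any real incident.
    for u in ("https://login.example.com/", "https://examp1e.com/login",
              "https://example.com.account-verify.test/", "https://docs.python.org/"):
        print(f"{u:45} {check_url(u)}")
```

A result of "unknown" only means the host is not on the list and does not resemble an entry; it is not a statement that the site is safe.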