Page 25 - 2619_PlusGPT V2.1_C-8
P. 25
The common entry points for MitM attack are:
On using unsecure public Wi-Fi, attackers can interrupt between a visitor’s device and the network.
Without knowing, the visitor passes all information through the attacker.
Once malware has breached a device, an attacker can install software to process all of the victim’s
information.
Spoofing
Spoofing is the act of disguising communication from an
unknown source as being from a known and trusted source.
Spoofing can apply to e-mails, phone calls and websites.
Spoofing can be used to gain access to a target’s personal
information, spread malware through infected links or
attachments, bypass network access controls, or redistribute
traffic to conduct a Denial of Service (DoS) attack. Some of the
most common spoofing methods are e-mail and chat spoofing.
E-mail Spoofing
E-mail spoofing occurs when an attacker uses an e-mail message to trick a recipient into thinking that
it came from a known and/or trusted source. These e-mails may include links to malicious websites or
attachments infected with malware.
Sender information is easy to spoof and can be done in one of two ways:
· Mimicking a trusted e-mail address or domain by using alternate letters or numbers to appear only
slightly different than the original.
· Disguising the ‘From’ field to be the exact e-mail address of a known and/or trusted source.
Chat Spoofing
When a computer system or a user of a computer masquerades to be another identity while engaging
in chat is known as chat spoofing.
Other spoofing methods are IP address spoofing, GPS spoofing, DNS spoofing and URL spoofing.
Cyber Security 23
