Spoofing: The virus sent by friends
Since computers have become one of the elements most used by man, so-called computer viruses have emerged at the same time, which despite developments in the software that protects systems, always find a way to mutate and continue to be a severe headache for the user who suffers from it.
Most Internet users have ever come across some type of computer virus, so we know the different effects that these can have on our PC’s operating system, even leading us to lose content stored on the computer.
Due to advances in the computer field, today there are an incalculable variety of threats, and each of these viruses can infect our computer in different ways, causing different results. If you want, you can get more information in this article entitled Types of computer viruses .
Viruses, in their different shapes and sizes, spread in various ways, email being one of the most widely used elements today for the transmission of this type of malicious code.
For this reason, it is essential that we always be attentive to the files included in the emails we receive, in order to be able to recognize which emails contain viruses, in order to be able to eliminate them before they infect the software on our PC.
In any case, surely our friends never have the intention of sending us a computer virus, so many users only corroborate the sender of the emails they receive in their inbox.
Spoofing
Based on this weakness, a new system has been developed to spread malicious code, which uses the email addresses of our contacts to send us viruses that otherwise could not infect the computer.
This is the so-called “Spoofing”, which not only causes with its action various inconveniences in the operation of the operating system of our PC, but can also lead to real discussions with the contacts that we believe have sent us this corrupt file.
To achieve its mission, Spoofing must carry out a trace job that begins when a friend, who has our email address stored in the database or address book of some mail manager, receives the virus and his computer becomes infected. .
Once the malicious hardware starts running, your job is to scan the hard drive of the infected PC, in order to find your own address book files containing your contacts ‘ emails .
When it has already detected all the email addresses, the virus distributes itself automatically, sending a copy of the malicious code to each of the emails it has collected, through the email management program, using the first email address as the sender. Username.
In this way, we will receive an email from a friend without knowing that it contains a virus, which will then continue to spread after hiding behind our own email address.
To avoid this type of inconvenience, there are some guidelines that we can put into practice in order to detect a possible Spoofing. To get more information about it, we suggest that you continue reading until the end of the article, where you will find a lot of detailed information.
Types of Spoofing: IP Spoofing
As we already mentioned, the term Spoofing is used to refer to a series of certain computer viruses, whose main characteristic lies in entering the PC system through email.
Its method is very original, since it is usually an attachment that contains the malicious code, which travels through an email in which one of our contacts appears as the sender.
From there, and once it is on the hard drive of our computer, the virus spreads using our email address and the email manager that we usually use, in order to send the corrupted file through our email to our friends’ inbox.
Although there are a series of methods that allow us to stay safe from the attack of this type of virus, the truth is that at present different types of Spoofing coexist, which are differentiated by the method they use to enter our PC.
Below we bring you information about the different types of Spoofing, along with descriptions of each of them, so that you can learn more about this threat and be aware of the possible risks.
IP Spoofing
It is the most frequent type of Spoofing, which basically consists of the automatic substitution of the IP address. The method used by this virus is to impersonate the source IP address of a TCP / IP packet with another IP address.
To carry out this method, the virus uses special applications that have been developed for this purpose, and that generally allow them to be used for any type of TCP / IP protocol.
Once it managed to infect our PC, the various responses from the host that receives the altered packets that are sent will be directed to the forged IP.
This type of attack is also known as “Smurf”, and its weakness lies in the fact that the packets it sends cannot pass through some of the current router models, since this type of device does not allow access to packets with IP. origin not belonging to one of the networks it manages.
Ultimately, this type of Spoofing requires three computers: the attacker’s, the victim’s and a third belonging to a victim’s contact, whose system can be spoofed and allows the implementation of a forged IP.
Types of Spoofing: Web Spoofing and Mail Spoofing
Spoofing, as we have already seen in this same informal, can use different means to spread, enter and attack our PC.
Among the types of Spoofing, we have already mentioned the characteristics of those who spoof IPs, those who take advantage of weaknesses in the ARP tables, or those who spoof an IP identity by a DNS domain name.
However, there are two more types of Spoofing, which are currently considered the most frequent, and they have been assigned the names of Web Spoofing and Mail Spoofing.
From this point we bring you basic information about how this type of computer attack works through the Spoofing system.
Web Spoofing
This method works by impersonating a real web page with a fake one, and although it is similar to the so-called Phishing, the truth is that it works differently.
Through this type of attack, the hacker who produces it has access to the visualization and modification possibilities of any web page, which has been requested in the browser by its victim. This also includes those secure connections via SSL.
The attack works as follows: once the victim’s PC is infected, the attacker will use malicious code to create a seemingly harmless browser window . Then, by means of the virus, it will route all the pages directed to the attacked computer, from the hacker’s own computer, generating the pages it wants.
Through the Web Spoofing method , the attackers manage to access the personal data of their victims, since without knowing it the user may be entering their information in a false registration form.
Due to its mode of operation, the truth is that Web Spoofing is a type of attack that is really difficult to detect. However, we can prevent risks by using some type of plugin provided by the web browser that we use, whose purpose is to permanently display the IP address of the server that we are visiting.
Mail Spoofing
The so-called Mail Spoofing is the most frequent technique for spreading viruses of this type, which works by supplanting the email address of our contacts.
Due to its characteristics, Mail Spoofing is used as an ideal supplement to Phising and Spam techniques, in order to send hoax-type emails to an infinite number of mailboxes.
One of the simplest ways to protect our computer from this type of attack is usually the use of an application that allows us to verify the IP identity of the sender from whom we have received a message, as well as the address of the SMTP server used.
We can also choose to apply the technique of using digital signatures.