Spoofing: The virus sent by friends
Since computers have become one of the elements most used by man, so-called computer viruses have emerged, which despite the developments in the software that protect the systems, always find a way to mutate and continue to be a strong headache for the user who suffers.
Most Internet users have ever encountered some type of computer virus, so we know the different effects that these can cause in the operating system of our PC, leading us to even lose content stored on the computer.
Due to advances in the computer field, there is currently an incalculable variety of threats, and each of these viruses can infect our computer in different ways, causing various results. If you wish, you can get more information in this article entitled “Types of computer viruses.”
Viruses, in their different forms and sizes, spread in various ways, with electronic mail being one of the most used elements today for the transmission of this type of malicious code.
Therefore, it is essential that we are always attentive to the files that include the emails we receive, in order to be able to recognize which emails contain viruses, in order to eliminate them before they get to infect the software of our PC.
Anyway, surely our friends never intend to send us a computer virus, so many users only verify the sender of the emails they receive in their inbox.
Based on this weakness, a new system has been developed to spread malicious code, which uses the email addresses of our contacts to send us viruses that could not otherwise infect the computer.
This is the so-called “Spoofing“, which not only causes several inconveniences in the operation of the operating system of our PC, but also can cause real discussions with the contacts that we believe sent us this corrupt file.
To achieve its purpose, the Spoofing must perform a tracking job that begins when a friend, who has our email address stored in the database or address book of an email manager, receives the virus and your computer becomes infected.
Once the malicious hardware begins to run, your job will be to carry out a scan of the hard drive of the infected PC, in order to find the files of the address book that contains the emails of your contacts. When you have detected all the email addresses, the virus is automatically distributed, sending a copy of the malicious code to each of the emails that you have collected, through the email management program, using the email address of the first email as sender. user.
In this way, we will receive an email from a friend without knowing that it contains a virus, which will then continue spreading after hiding behind our own email address.
To avoid this type of inconvenience, there are some guidelines that we can put into practice in order to detect a possible Spoofing. For more information, we suggest that you continue reading until the end of the article, where you will find a lot of detailed information.
Types of Spoofing: IP Spoofing
As we mentioned, the term Spoofing is used to refer to a series of specific computer viruses, whose main characteristic is to enter the PC system through email. Its method is very original, since it is usually an attachment that contains the malicious code, which travels through an email in which one of our contacts appears as a sender.
From there, and once it is on the hard drive of our computer, the virus is spread using our email address and mail manager that we usually use, in order to send the corrupt file through our email to the inbox of our friends. While there are a number of methods that allow us to stay safe from the attack of this type of virus, the truth is that currently live different types of Spoofing, which are differentiated by the method they use to enter our PC.
Here we bring you information about the different types of Spoofing, along with the descriptions of each of them, so you can learn more about this threat and be aware of the possible risks.
This is the most common type of Spoofing, which basically consists of the automatic substitution of the IP address. The method used by this virus is to impersonate the source IP address of a TCP / IP packet by another IP address. To carry out this method, the virus uses special applications that have been developed for such purposes, and that generally allow it to be used for any type of TCP / IP protocol.
Once it succeeded in infecting our PC, the various responses from the host that receives the altered packets that are sent will be directed to the counterfeit IP.
This type of attack is also known as “Smurf”, and its weakness lies in the fact that the packets it sends can not pass through some of the current router models, since this type of device does not allow access to IP packets. origin not belonging to one of the networks that it administers.
In short, this type of Spoofing requires three computers: that of the attacker, that of the victim and a third belonging to some contact of the victim, whose system can be supplanted and allows the implementation of a forged IP.
Web Spoofing and Mail Spoofing
The Spoofing, as we have seen in this same informal, can use different means to spread, enter and attack our PC. Among the types of Spoofing, we have already mentioned the characteristics of those that falsify IPs, those that take advantage of weaknesses in the ARP tables, or those that impersonate an IP identity by a DNS domain name.
However, there are two more types of Spoofing, which are currently considered the most frequent, and which have been assigned the names of Web Spoofing and Mail Spoofing. From this point we bring you basic information about how is the method of operation of this type of computer attack through the Spoofing system.
This method works by impersonating a real web page by a false one, and although it is similar to the so-called Phishing, the truth is that it works differently. Through this type of attack, the hacker who produces it has access to the visualization and possibilities of modification of any web page, which has been requested in the browser by its victim. This also includes those secure connections via SSL.
The attack works in the following way: once the PC of the victim is infected, the attacker will use malicious code to create a browser window, which in appearance is harmless. Then, through the virus, it will route all the pages addressed to the attacked team, from the hacker’s own team, generating the pages you want.
Through the method of Web Spoofing, the attackers manage to access personal data of their victims, since without knowing it the user may be entering their information in a false registration form. Due to its mode of operation, the truth is that Web Spoofing is a type of attack really difficult to detect. However, we can prevent risks by using some type of plugin that facilitates the web browser we use, whose purpose is to permanently show the IP address of the server that we are visiting.
The so-called Mail Spoofing is the most common technique for spreading viruses of this type, which works by supplanting the email address of the email address of our contacts. Due to its characteristics, Mail Spoofing is used as an ideal supplement for Phishing and Spam techniques, in order to send hoax emails to an infinity of mailboxes.
One of the easiest ways to protect our computer from this type of attack is usually the use of an application that allows us to check the IP identity of the sender from which we received a message, as well as the address of the SMTP server used.
We can also choose to apply the technique of using digital signatures.