What is domain spoofing?
Domain spoofing is a type of cyberattack where hackers attempt to convince users that an email or web address belongs to a legitimate and generally trusted organization, when in reality it directs the user to a fake site that is under the control of a cybercriminal. Users who fall prey to domain spoofing may be convinced to reveal sensitive information to someone they believe is legitimate and trustworthy, or to wire money to what they believe to be a legitimate account.
The danger of domain spoofing
Domain spoofing is a type cyberattack where hackers use a fake or "spoofed" web domain or email address to impersonate an organization or one of its employees. Domain spoofing typically is conducted by sending emails or building websites with fake domain names that seem to be legitimate, but where the lettering of the domain address is changed in slight but in hard to detect ways. Spoofed websites or emails will mimic the organization's design and branding to create an appearance of legitimacy. Users responding to email or web domain spoofing may be duped into revealing sensitive information, giving up their login credentials, wiring money to a fraudulent account or otherwise engaging in actions that harm the organization.
How does domain spoofing work?
Domain spoofing typically works by using a domain in an email or building a website with a domain that appears to be legitimate, but that actually has a very small and hard to detect differences for the original which, if a user replies to an email or clicks on a link, directs the user to a illegitimate or spoofed website or to respond to the wrong person. Spoofed websites will typically be designed to look identical to legitimate sites in order to fool users and get them to reveal sensitive information, give up their login credentials, or take actions that harm the organization.
