Editing Spoofing attack (section)

==Internet==
=== Spoofing and TCP/IP ===
{{Main|IP address spoofing|ARP spoofing}}
Many of the protocols in the [[TCP/IP]] suite do not provide mechanisms for [[Authentication|authenticating]] the source or destination of a message,<ref>{{Cite journal |last1=Veeraraghavan |first1=Prakash |last2=Hanna |first2=Dalal |last3=Pardede |first3=Eric |date=2020-09-14 |title=NAT++: An Efficient Micro-NAT Architecture for Solving IP-Spoofing Attacks in a Corporate Network |journal=Electronics |language=en |volume=9 |issue=9 |pages=1510 |doi=10.3390/electronics9091510 |issn=2079-9292|doi-access=free }}</ref> leaving them vulnerable to spoofing attacks when extra precautions are not taken by applications to verify the identity of the sending or receiving host. IP spoofing and [[ARP spoofing]] in particular may be used to leverage [[man-in-the-middle attack]]s against hosts on a [[computer network]]. Spoofing attacks which take advantage of TCP/IP suite protocols may be mitigated with the use of [[firewall (computing)|firewalls]] capable of [[deep packet inspection]] or by taking measures to verify the identity of the sender or recipient of a message.

===Domain name spoofing===
{{main|Domain name#Domain name spoofing}}
The term 'Domain name spoofing' (or simply though less accurately, 'Domain spoofing') is used generically to describe one or more of a class of [[phishing]] attacks that depend on falsifying or misrepresenting an internet [[domain name]].<ref>{{cite news |title= Canadian banks hit by two-year domain name spoofing scam | work=Finextra | url= https://www.finextra.com/newsarticle/35030/canadian-banks-hit-by-two-year-domain-name-spoofing-scam |date=9 January 2020 }}</ref><ref>{{cite web | title =Domain spoofing |publisher = [[Barracuda Networks]] |url=https://www.barracuda.com/glossary/domain-spoofing}}</ref> These are designed to persuade unsuspecting users into visiting a web site other than that intended, or opening an email that is not in reality from the address shown (or apparently shown).<ref>{{cite news |title=Mass Spoofing Campaign Abuses Walmart Brand | work=threatpost |author=Tara Seals |date=August 6, 2019 |url=https://threatpost.com/mass-spoofing-campaign-walmart/146994/ }}</ref> Although website and email spoofing attacks are more widely known, any service that relies on [[Name resolution (computer systems)|domain name resolution]] may be compromised.

=== Referrer spoofing ===
{{Main|Referer spoofing}}
Some websites, especially pornographic [[paysite]]s, allow access to their materials only from certain approved (login-) pages. This is enforced by checking the [[HTTP referrer|referrer]] header of the [[HTTP]] request. This referrer header, however, can be changed (known as "[[referrer spoofing]]" or "Ref-tar spoofing"), allowing users to gain unauthorized access to the materials.

=== Poisoning of file-sharing networks ===
{{Main|Spoofing (anti-piracy measure)}}

"[[Spoofing (anti-piracy measure)|Spoofing]]" can also refer to [[copyright]] holders placing distorted or unlistenable versions of works on [[file-sharing]] networks.

=== E-mail address spoofing ===
{{Main|Email spoofing}}

The sender information shown in [[e-mail]]s (the <code>From:</code> field) can be spoofed easily. This technique is commonly used by [[E-mail spam|spammers]] to hide the origin of their e-mails and leads to problems such as misdirected [[Bounce message|bounces]] (i.e. e-mail spam [[backscatter (e-mail)|backscatter]]).

E-mail address spoofing is done in quite the same way as writing a forged return address using [[snail mail]].  As long as the letter fits the protocol, (i.e. stamp, [[postal code]]) the [[Simple Mail Transfer Protocol|Simple Mail Transfer Protocol (SMTP)]] will send the message.  It can be done using a mail server with [[telnet]].<ref>{{cite book|last=Gantz|first=John|title=Pirates of the Digital Millennium|year=2005|publisher=[[Prentice Hall]]|location=Upper Saddle River, NJ|isbn=0-13-146315-2|author2=Rochester, Jack B. }}</ref>

=== Geolocation===
[[Geopositioning|Geolocation]] spoofing occurs when a user applies technologies to make their device appear to be located somewhere other than where it is actually located.<ref>{{Cite journal |last=Günther |first=Christoph |date=2014-09-14 |title=A Survey of Spoofing and Counter-Measures |url=https://onlinelibrary.wiley.com/doi/10.1002/navi.65 |journal=Navigation |language=en |volume=61 |issue=3 |pages=159–177 |doi=10.1002/navi.65|url-access=subscription }}</ref> The most common geolocation spoofing is through the use of a [[Virtual private network|Virtual Private Network]] (VPN) or [[Domain Name System|DNS]] Proxy in order for the user to appear to be located in a different country, state or territory other than where they are actually located. According to a study by [[GlobalWebIndex]], 49% of global VPN users utilize VPNs primarily to access [[Geo-blocking|territorially restricted]] entertainment content.<ref>{{Cite web|url=https://blog.globalwebindex.com/chart-of-the-day/vpns-are-primarily-used-to-access-entertainment/|title=VPNs Are Primarily Used to Access Entertainment|date=2018-07-06|website=GlobalWebIndex Blog|language=en-GB|access-date=2019-04-12}}</ref> This type of geolocation spoofing is also referred to as geo-piracy, since the user is illicitly accessing copyrighted materials via geolocation spoofing technology. Another example of geolocation spoofing occurred when an online poker player in California used geolocation spoofing techniques to play online poker in [[New Jersey]], in contravention of both [[California]] and New Jersey state law.<ref>{{Cite web|url=http://www.flushdraw.net/news/california-online-poker-pro-forfeits-over-90000-geolocation-evading-fraudulent-new-jersey-play/|title=California Online Poker Pro Forfeits Over $90,000 for Geolocation-Evading New Jersey Play|last=Hintze|first=Haley|date=2019-03-09|website=Flushdraw.net|language=en-GB|access-date=2019-04-12}}</ref> Forensic geolocation evidence proved the geolocation spoofing and the player forfeited more than $90,000 in winnings.