Spoofed URL
Encyclopedia
A Spoofed URL describes one website that poses as another. It sometimes applies a mechanism that exploits bugs in web browser
technology, allowing a malicious computer attack. Such attacks are most effective against computers that lack recent security patches. Others are designed for the purpose of a parody
.
During such an attack, a computer user innocently visits a web site and sees a familiar URL
in the address bar such ashttp://www.wikipedia.org but is, in reality, sending information to an entirely different location that would typically be monitored by an information thief. When sensitive information is requested by a fraudulent website, it is called phishing
.
The user is typically enticed to the false website from an email or a hyperlink
from another website.
In another variation, a website may look like the original, but is in fact a parody
of it. These are mostly harmless, and are more noticeably different from the original, as they usually do not exploit bugs in web browser
technology.
This can also take place in a hosts file
. It can redirect a site(s) to another IP, which could be a spoofed website.
Web browser
A web browser is a software application for retrieving, presenting, and traversing information resources on the World Wide Web. An information resource is identified by a Uniform Resource Identifier and may be a web page, image, video, or other piece of content...
technology, allowing a malicious computer attack. Such attacks are most effective against computers that lack recent security patches. Others are designed for the purpose of a parody
Parody
A parody , in current usage, is an imitative work created to mock, comment on, or trivialise an original work, its subject, author, style, or some other target, by means of humorous, satiric or ironic imitation...
.
During such an attack, a computer user innocently visits a web site and sees a familiar URL
Uniform Resource Locator
In computing, a uniform resource locator or universal resource locator is a specific character string that constitutes a reference to an Internet resource....
in the address bar such as
Phishing
Phishing is a way of attempting to acquire information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, online payment processors or IT...
.
The user is typically enticed to the false website from an email or a hyperlink
Hyperlink
In computing, a hyperlink is a reference to data that the reader can directly follow, or that is followed automatically. A hyperlink points to a whole document or to a specific element within a document. Hypertext is text with hyperlinks...
from another website.
In another variation, a website may look like the original, but is in fact a parody
Parody
A parody , in current usage, is an imitative work created to mock, comment on, or trivialise an original work, its subject, author, style, or some other target, by means of humorous, satiric or ironic imitation...
of it. These are mostly harmless, and are more noticeably different from the original, as they usually do not exploit bugs in web browser
Web browser
A web browser is a software application for retrieving, presenting, and traversing information resources on the World Wide Web. An information resource is identified by a Uniform Resource Identifier and may be a web page, image, video, or other piece of content...
technology.
This can also take place in a hosts file
Hosts file
The hosts file is a computer file used in an operating system to map hostnames to IP addresses. The hosts file is a plain-text file and is conventionally named hosts.-Purpose:...
. It can redirect a site(s) to another IP, which could be a spoofed website.
See also
- Computer insecurityComputer insecurityComputer insecurity refers to the concept that a computer system is always vulnerable to attack, and that this fact creates a constant battle between those looking to improve security, and those looking to circumvent security.-Security and systems design:...
- Hosts FileHosts fileThe hosts file is a computer file used in an operating system to map hostnames to IP addresses. The hosts file is a plain-text file and is conventionally named hosts.-Purpose:...
- IDN homograph attackIDN homograph attackThe internationalized domain name homograph attack is a way a malicious party may deceive computer users about what remote system they are communicating with, by exploiting the fact that many different characters look alike,...
- Spoofing attackSpoofing attackIn the context of network security, a spoofing attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gaining an illegitimate advantage.- Spoofing and TCP/IP :...
- Social engineering (computer security)
External links
- Secunia security describes Microsoft Internet Explorer URL spoofing vulnerability 2003
- Microsoft Knowledge Base Article 833786 - Steps that you can take to help identify and to help protect yourself from deceptive (spoofed) Web sites and malicious hyperlinks.