Quiz Entry - updated: 2026.07.14
What is spoofing in general, and what are common varieties on the internet?
A person or program pretending to be someone or something else.
The category is broad because identity is "soft" almost everywhere on the internet — sender fields, source IPs, MAC addresses, and DNS records are all just claims, not proofs.
| Variant | What gets faked | Typical goal |
|---|---|---|
| Phone-number spoofing | Caller-ID | Scam calls that look like your bank |
| Email-address spoofing | From: header |
Phishing, BEC fraud |
| IP spoofing | Source IP in IP header | Hide origin (DDoS), bypass IP allow-lists |
| DNS spoofing | DNS reply | Redirect victim to attacker's server |
| ARP spoofing | IP→MAC mapping on LAN | Local MITM |
| Content spoofing | Page contents (e.g. fake login form) | Phishing |
Defense pattern: spoofing works because we trust unauthenticated claims. The cure is the same everywhere — authenticate the claim (cryptographic signatures, certificates, SPF/DKIM/DMARC, DNSSEC) or verify it out-of-band (call the bank back on the number from your card).