LOGBOOK

HELP

Quiz Entry - updated: 2026.07.14

What is spoofing in general, and what are common varieties on the internet?

A person or program pretending to be someone or something else.

The category is broad because identity is "soft" almost everywhere on the internet — sender fields, source IPs, MAC addresses, and DNS records are all just claims, not proofs.

Variant What gets faked Typical goal
Phone-number spoofing Caller-ID Scam calls that look like your bank
Email-address spoofing From: header Phishing, BEC fraud
IP spoofing Source IP in IP header Hide origin (DDoS), bypass IP allow-lists
DNS spoofing DNS reply Redirect victim to attacker's server
ARP spoofing IP→MAC mapping on LAN Local MITM
Content spoofing Page contents (e.g. fake login form) Phishing

Defense pattern: spoofing works because we trust unauthenticated claims. The cure is the same everywhere — authenticate the claim (cryptographic signatures, certificates, SPF/DKIM/DMARC, DNSSEC) or verify it out-of-band (call the bank back on the number from your card).

From Quiz: ISF / Web Application Security Basics | Updated: Jul 14, 2026