What is DNS Spoofing?
Domain Name Server (DNS) spoofing (or DNS cache poisoning) is an attack in which altered DNS records are used to redirect online traffic to a fraudulent website that resembles its intended destination. The difference between “spoofing” and “phishing” is that the former downloads malware to your computer or network, and the latter tricks you into giving up sensitive financial information to a cyber crook. Phishing is a method of retrieval, while spoofing is a means of delivery.Back to Glossary
What is a DNS Server?
To start out, a DNS server is a sort of classification system for domains on the internet. If a user is searching for yubico.com, the job of the DNS is to go out and find the IP address for that domain so the user can access the correct site.
How does DNS Spoofing work?
During DNS spoofing, hackers reroute DNS records to a different IP address getting the user onto a fake website that mimics the true website they were trying to find. Something else to be careful of with DNS spoofing is DNS cache poisoning. Your computer may remember the fraudulent IP address in it’s cache and bring you there again in the future. Other side effects of DNS spoofing can be malware infection of your device, data theft from websites containing sensitive information, or censorship.
How can you prevent DNS Spoofing?
Avoid clicking on links that are not familiar
This could be in any sort of form: email, text message, pop ups on a webpage. Sometimes URLs will be a shortened version of a legitimate website.
Scan your device for malware
Having a security software that is able to identify viruses, spyware, or any other security issue can help you spot any security intrusion early on.
Use a VPN (virtual private network)
VPN’s give increased privacy to an individual’s wi-fi network on their device. Instead of housing your IP address it uses the IP address of the VPN server.