A Spoofed URL describes one website that poses as another website. It sometimes applies a mechanism that exploits bugs in web browser technology, allowing a malicious computer attack. Such attacks are most effective against computers that lack recent security patches. Others are designed for the purpose of a parody.
During such an attack, a computer user innocently visits a web site and sees a familiar URL in the address bar but is, in reality, sending information to an entirely different location that would typically be monitored by an information thief. When sensitive information is requested by a fraudulent website, it is called phishing.
The user is typically enticed to the false website from an email or a hyperlink from another website.
In another variation, a website may look like the original, but is in fact a parody of it. These are mostly harmless, and are more noticeably different from the original, as they usually do not exploit bugs in web browser technology.
This can also take place in a hosts file. It can redirect a site(s) to another IP, which could be a spoofed website.
Spoofing is the act of deception or hoaxing. URLs are the address of a resource (as a document or Web site) on the Internet that consists of a communications protocol followed by the name or address of a computer on the network and that often includes additional locating information (as directory and file names). Simply, a spoofed URL is a web address that illuminates an immense amount of deception through its ability to appear as an original site, despite it not being one. In order to prevent falling victim to the prevalent scams stemmed from the spoofed URLs, major software companies have come forward and advised techniques to detect and prevent spoofed URLs.
In order to prevent criminals from accessing personal information, such as credit card information, bank account/routing numbers, and one’s telephone number, home address, etc. it is important to learn and understand how these spoof websites can be detected. It is very important to first verify the name of the site on a digital certification through the use of SSL/TLS. Always try to identify the actual URL for the web page you are on. Make sure you are able to see the fully URL for any hyperlink, so that you can examine the address. Some characters that are commonly found in the URL of a spoofed web page are: %00, %01, @. Sometimes spoofed web sites can differ by a single letter or number in the URL. In addition, set your Internet security level to high to ensure that your computer is protected from possible attacks from spoofed sites. In general, only input personal information on a Web site i
f the name has been verified on the digital certificate. Also, if you have any concern about the confidentiality of a web site leave the page immediately.
poofed URL, a universal defining identity for phishing scams, pose a serious threat to end-users and commercial institutions. Email continues to be the favorite vehicle to perpetrate such scams mainly due to its widespread use combined with the ability to easily spoof them. Several approaches, both generic and specialized, have been proposed to address this problem. However, phishing techniques, growing in ingenuity as well as sophistication, render these solutions weak. In order to prevent users from future victimization stemmed from a spoofed URL, Internet vigilantes have published numerous tips to help users identify a spoof.