Domain name spoofing is the act of faking either:
- A website name
- An email domain address
Spoofing is usually intended to deceive ESP users into believing that the email’s domain is the another brand, business or entity’s legitimate email domain
- Trust from users could potentially lead to entering illegitimate websites where sensitive details are harvested
How does it work?
Spoofing is enacted by bad actors (or White Hats testing stuff) by modifying the ‘FROM’ header in some outgoing emails to overlap with an existing domain name they want to mimic