Content spoofing is a type of operation used by a malicious submit a falsified or altered the Web site to the user as if it were legitimate. The intention is usually to defraud victims (as in the phishing), although sometimes, the goal is simply to distort an organization or an individual. Content spoofing exploits often a relationship of trust established between a computer user and the organization.
The attacker usually leads to an Internet user spoofed content via e-mail, bulletin board postings and chat-room transmissions. In some cases, an attacker can modify information and links in a web site created by the access and modification of content on the server. The latter type of content spoofing is more difficult to detect because there are no obvious difference to the casual observer.
The most dangerous content spoofing is done with DHTML (Dynamic HTML) content sources such as forms and log-in applications. When a Web page tampered with the content is viewed by a user of the Internet, bar displays what appears to be a legitimate URL. However, the hacker has created or modified by the page. Therefore, when the user enters sensitive data (such as a credit card number, password, bank account number, date of birth, social security number or), the attacker could obtain flight data d 'identity or other fraudulent purpose.
The attacker usually leads to an Internet user spoofed content via e-mail, bulletin board postings and chat-room transmissions. In some cases, an attacker can modify information and links in a web site created by the access and modification of content on the server. The latter type of content spoofing is more difficult to detect because there are no obvious difference to the casual observer.
The most dangerous content spoofing is done with DHTML (Dynamic HTML) content sources such as forms and log-in applications. When a Web page tampered with the content is viewed by a user of the Internet, bar displays what appears to be a legitimate URL. However, the hacker has created or modified by the page. Therefore, when the user enters sensitive data (such as a credit card number, password, bank account number, date of birth, social security number or), the attacker could obtain flight data d 'identity or other fraudulent purpose.
