Spoofing is like using others IP address as a source address to communicate. The destination address is provided but source address is not provided. One can only sends packets and never recieves them back, so a normal network connection is not created.
Spammers often spoof to trick you into viewing an e-mail. They send out mass messages with a false identity familiar to a large number of people so that some percent of those receiving the message will view the message. Once the recipient is tricked and the e-mail is viewed the spammer may attempt to sell a product, send a political or religious message, try to acquire personal or financial information, or deliver a virus as an attachment.
some of the examples of spoofing are:
Man-in-the-middle: A packet is sniffed between the two ends and information is obtained before the packet reaches its original destination. (1)*
some of the examples of spoofing are:
Man-in-the-middle: A packet is sniffed between the two ends and information is obtained before the packet reaches its original destination. (1)*
Text/SMS Spoofs: They are sent by either email or through a web site. The sender inputs your number and then inputs the number or name they want you to see on the caller ID. They then input their message and send.
URL Spoofing: Web Spoofing is when the spoofer puts a computer between the internet user's machine and the entire internet, intercepting everything the internet user does.
When the address displayed in the address location bar of a browser is not really the web Once the internet surfer visits the spoofers 'trap' web page every web page that the internetpage being displayed it has been spoofed. For example the user may see http://www.citibank.com/ in the address location bar but really be on the web page http://www.iamgoingtorobyou.com/.
user visits thereafter is served from spoofers computer. The internet user sees the actual web pages that they are visiting but the spoofer is acting as a malicious intermediary ISP, spying on everything the internet user sees and types.
user visits thereafter is served from spoofers computer. The internet user sees the actual web pages that they are visiting but the spoofer is acting as a malicious intermediary ISP, spying on everything the internet user sees and types.
e-mail Spoofing: When a spoofer falsifies the information about whom an e-mail is from. Most spam uses e-mail spoofing with the primary intent to trick the recipient into viewing the e-mail.
IP Spoofing: Data sent over the internet is broken up and sent in small pieces of information called packets. These packets once received are reassembled by the recipient. Each packet contains information about who the packet is from and who the packet is to, among other data. Spoofers can falsify who the packet is from to trick the recipient. This type of spoofing is often used to gain access to machines which use IP authentication to verify identity.(2)*
Now let us look into the Budapest convention and Cyber Crimes
Budapest convention and Cyber Crimes:
Article 2 – Illegal access
Each Party shall adopt such legislative and other measures as may be necessary to
establish as criminal offences under its domestic law, when committed
intentionally, the access to the whole or any part of a computer system without
right. A Party may require that the offence be committed by infringing security
measures, with the intent of obtaining computer data or other dishonest intent, or
in relation to a computer system that is connected to another computer system.
Article 3 – Illegal interception
Each Party shall adopt such legislative and other measures as may be necessary to
establish as criminal offences under its domestic law, when committed
intentionally, the interception without right, made by technical means, of non5
public transmissions of computer data to, from or within a computer system,
including electromagnetic emissions from a computer system carrying such
computer data. A Party may require that the offence be committed with dishonest
intent, or in relation to a computer system that is connected to another computer
system.
Article 4 – Data interference
1 Each Party shall adopt such legislative and other measures as may be necessary to
establish as criminal offences under its domestic law, when committed
intentionally, the damaging, deletion, deterioration, alteration or suppression of
computer data without right.
2 A Party may reserve the right to require that the conduct described in paragraph 1
result in serious harm.
1 Each Party shall adopt such legislative and other measures as may be necessary to
establish as criminal offences under its domestic law, when committed
intentionally, the damaging, deletion, deterioration, alteration or suppression of
computer data without right.
2 A Party may reserve the right to require that the conduct described in paragraph 1
result in serious harm.
Article 8 – Computer-related fraud
Each Party shall adopt such legislative and other measures as may be necessary to
establish as criminal offences under its domestic law, when committed
intentionally and without right, the causing of a loss of property to another person
by:
a any input, alteration, deletion or suppression of computer data;
b any interference with the functioning of a computer system,
with fraudulent or dishonest intent of procuring, without right, an economic
benefit for oneself or for another person.(3)*
Each Party shall adopt such legislative and other measures as may be necessary to
establish as criminal offences under its domestic law, when committed
intentionally and without right, the causing of a loss of property to another person
by:
a any input, alteration, deletion or suppression of computer data;
b any interference with the functioning of a computer system,
with fraudulent or dishonest intent of procuring, without right, an economic
benefit for oneself or for another person.(3)*
All the above mentioned articles involve spoofing to a great extent. Because this involves unauthorized access to someone's computer to gain access to the information present in the machine.
Conclusion: This illegal access is like fraud to me. As someone might have to pay for something he hasn't done. Such access also violates privacy. If you can't have a secure PC, then where would you put your confidential belongings? As it is being miss used so it has to come under Cyber Crimes.
Reference
