Spoofing

**Spoofing** By: Matt Mitchell & Kellie Goforth

toc

Description:
Spoofing is a type of Cybercrime. It is the act of an individual, website, or computer disguising itself as something else to acquire information or access that it wouldn't normally have the right to gain, much like the above dog posing as your grandmother to get into your house and trash it. URL spoofing involves an illegitimate website copying the look and function of a legitimate website. For example, a spoof might copy Bank of America's home-banking webpage to acquire the usernames, passwords, and access codes of bank members, thus being able to access their bank accounts. This is also called phishing. Spoofing can also be committed in e-mail correspondence when the sender, subject, list-serve or message itself is altered to appear as though the e-mail is originating from a different source. Usually, all internet activity is connected to an IP address; spoofing alters this connection.

Such fabricated data in emails, on webpages, and on networks makes it impossible to back-trace troublesome or unwanted communication. Internet users might also find that their identities have been stolen, compromising their bank accounts and credit lines without any way of knowing how the intrusion occurred. Viruses can also be transmitted by masquerading emails and fraudulent webpages. Network Administrators can keep a look out for data that arrives from an //external// source and is set up to exclusively display //internal// originating address/information to reduce the number of spoofing attacks on its network. Personal internet users should be on the look-out for suspicious-looking or unusual correspondence in emails and security prefixes in URLs. Typing in a URL address manually from scratch is also a way to decrease the possibility of arriving at a spoofed website.

What is the impact of this issue on K-12 schools, educators, and students?
Spoofing could most commonly be used in the school setting by students as a type of bullying or harassment. Students can create fake email or other communication accounts just to torment other students. Hopefully this is not giving anyone ideas! This same idea can be found on Dateline's show //To Catch A// //Predator//, in a more serious and dangerous type of issue. This type of harassment is centered around individuals pretending to be someone else.

Educators have to worry about sites that mascaraed themselves as valuable for learning. Also, the issue and annoyance of spam mail. I have at least created four new email accounts just to rid myself of spam mail. Email spoofing is often just considered annoying, but can sometimes be serious. If an Email header is altered to look like it is from persons of authority asking for personal information, then the school system, educators, or students could be in more trouble than they thought.

All students, schools, and educators should worry about spoofed websites. Most commonly, and seriously, Ebay and PayPal are spoofed to gain finical information from mass amounts of people. When you're about to insert sensitive information into a website, a way to ensure that you are accessing a secure website is to check for the lock symbol in the upper left hand of your web browser. This is your web browser's way of showing you that the website you are using passes security clearance.

Integrating this topic into Daily Instruction:
Beyond teaching basic internet use and establishing firm guidelines for web-activity in the classroom for all grades, the following grade levels can benefit from specific instruction surrounding the dangers of and precautionary measures against spoofing:

__Grades K-6__
At these young ages, students are not often using email accounts, personal cell phones, or even have their own computers, so they don't have to worry about the spaming or harassments. But, this is a vital time for students to learn what is approprate and sharable information. Perhaps before students enter computer labs they can be provided an online sharing lesson. Where they learn who to share with, and what to share. By incorportating these skills early on, students will being tecnological learning with an advance on protection from spoofing.

__Grades 6-9__
During the middle school grades, students will be using the internet extensively for both school-related and personal reasons. To protect school networks as well as to give students basic life skills regarding the safety of their resources and personal information, teachers should cover the dangers of spoofing in the classroom. Explain to students the importance of keeping close tabs on their identifying information and the prevalence of identity theft so that they have the background knowledge to understand why spoofing poses such a threat. Lay out the things students should be watching closely in order to protect their information and computers and the steps they can take to verify authenticity. Make it clear that under no circumstances are they to enter anything other than their names into any website or email while they are in school; that way educators can protect themselves against being culpable for any compromised student information.

__Grades 9-12__
Students often need constant reminders; even if teachers have gone over the dangers of sharing information in kindergarden to middle school, it should be repeated again in high school. This time is when the students are most likely to be effected by spoofing.The most common form of spoofing that students might experience is student on student bullying.

**__Teaching Spoofing in the Classroom__**
Teaching a lesson on spoofing in an English classroom would be interesting, and most effective in the secondary environment. This could be incorporated into a unit on identity. If the students were reading texts like //The Importance of being Ernest --// where people parade around pretending to be someone they are not. Students can study the effects of modern day spoofing, and how it translates into the play.

During a home economics class, teachers could discuss the importance of keeping personal information safe. Here would be an appropriate time to cover the topic more in depth. Students could give presentations, explore new and media articles, and even examine the effects of spoofing. Being finical responsible is a life skill that is essential for secondary students to learn.

Additional Links:
media type="custom" key="9039986" This book on Cybercrime has a section on spoofing.

[] This includes information on how the FBI fights and investigates computer crimes.

[] Is a website that encourages telephone spoofing by advertising the idea that: The tagline "Totally Legal" suggests that the company might realize the negativity behind it's product. By providing aminimity, SpoofCard allows students to hid behind the product, which is why there has been an increase in bullying. SpoofCard makes cyberbullying even easier.


 * References:**

"Spoofed/Forged Email," Software Engineering Institute, Carnegie Mellon University. Retrieved from: http://www.cert.org/tech_tips/email_spoofing.html.

Image: Courtesy of Wiki Media Commons