Word Notes 10.18.22
Ep 121 | 10.18.22

Domain spoofing (noun)

Transcript

Rick Howard: The word is: Domain spoofing

Rick Howard: Spelled: Domain as in a logical grouping of one or more computer networks within the same infrastructure and spoofing as in an impersonation of something. 

Rick Howard: Definition: A social engineering tactic in which hackers build a malicious domain to mimic a legitimate one. 

Rick Howard: Example sentence: The attacker used a spoofed domain to represent PayPal's login page.

Rick Howard: Origin and context: Domain spoofing is a social engineering technique where an attacker impersonates a legitimate domain in order to trick a victim into performing some action. A common hacker technique is to register domain names with URLs that very closely resemble legitimate websites. 

Rick Howard: For example, one valid URL associated with a German Penta Bank is getpenta.com. In 2021, hackers registered a spoofed URL called getpenta-bank.com and, according to the website Domainspace.io, "tried to collect customer login data with a fake website." Unfortunately, there isn't one slam dunk prevention solution to protect against this technique. 

Rick Howard: Network defenders rely on a series of less than perfect solutions, like the combination of anti-spam tools, validating SSL certificates, verifying protocols like DMARC, domain based message authentication, and DKIM domain keys identified mail, If they exisit, and training employees what to look for in their internal security awareness programs.

Rick Howard: Nerd reference: In the 2018 movie, Mission Impossible Fallout starring Tom Cruise as the impossible Mission Force Leader, IMF and Ving Rhames, the team's hacker, the IMF team captures a Norwegian nuclear weapons terrorist named Nils Delbruuk, who has information they need to stop a nuclear explosion. After they rough him up a bit, they place him in what appears to be a hospital room with a TV broadcasting CNN News. When he awakes, they convince him that he has been unconscious for two weeks after the scheduled nuclear detonation. Delbruuk desperately wants to publish his manifesto to the world explaining why he did it.

Rick Howard: He makes a deal with Cruise to exchange his laptop password if Cruise releases the manifesto to the public. Cruise calls Wolf Blitzer from CNN News and in real time, Blitzer reads the manifesto on air and Delbruuk gives up the password. As soon as he does, the four hospital walls fall flat to the ground to reveal Delbruuk was not in a hospital but a big warehouse and Wolf Blitzer walks up, pulls off his fake IMF mask to reveal Simon Peeg another of Cruise IMF team.

Tom Cruise: We know who you are. We read the manifesto, we found your lab.

Nils Delbruuk: When they read this manifesto, they don't understand. 

Tom Cruise: Nobody's gonna read that manifesto, ever. I can promise you that. 

Nils Delbruuk: What day is it? How long have I been here? 

Ving Rhames: What's the last thing you remember?

Nils Delbruuk: I, I was driving

Nils Delbruuk: Someone hit me. 

Tom Cruise: That was two weeks ago. 

Nils Delbruuk: Two weeks? 

Tom Cruise: Two weeks. 

Ving Rhames: What if we make a deal? 

Tom Cruise: No, there's no deal, Luther, step outside. Give me five minutes with this guy.

Ving Rhames: Ethan, I can't let to do that, that's not who we are. 

Tom Cruise: Maybe we need to reconsider that. 

Ving Rhames: What if they read the manifesto on the air?

Nils Delbruuk: What? You can do that? 

Ving Rhames: We can do it with a phone call. 

Nils Delbruuk: Well, if he reads Lars Manifesto. 

Tom Cruise: No.

Nils Delbruuk: I'll give you the passcode. 

Wolf Blitzer: Standby, I'm told we're about to get some additional information. I've just been handed a document from Nils Delbruuk, a nuclear weapons specialist who claims to have built the weapons used in these attacks. I've been asked to read this manifesto in its entirety.. 

Wolf Blitzer: It is the beginning of a greater mutual understanding to your common suffering. It is the first step for the ultimate brother of a man. 

Ving Rhames: We got it. 

Wolf Blitzer: The suffering I bring you is.

Tom Cruise: Go.

Wolf Blitzer: Did we get it? 

Tom Cruise: Of course we got it.

Rick Howard: That's how you do domain spoofing in the real world. 

Rick Howard: Word Notes is written by Tim Nodar, executive produced by Peter Kilpe and edited by John Petrik and me, Rick Howard. The mix, sound design, and original music have all been crafted by the ridiculously talented Elliott Peltzman. Thanks for listening.