A spoof domain is a website that uses dishonest designs to trick users into thinking that it represents some other uninvolved party. Spoofed domains commonly imitate the sites of banks and other official businesses or government agencies, often in order to fraudulently collect sensitive financial or personal information from users.
Spoof websites are commonly considered a form of phishing. Commonly, they will use logos, impressive text and visual design or other means to effectively imitate the style of a legitimate enterprise or group. Users will often enter financial details or other data, trusting that they are being sent to the right place.
Attackers can use extremely sophisticated methods to deceive end users. Methods like URL cloaking or domain forwarding can hide some of the biggest clues that a site may not be legitimate. Experts recommend that users only access financial sites and other sensitive sites directly through a main page or other verified avenue in order to avoid being cheated by a spoofed domain.« Back to Glossary Index