The @ Team of Lanzarote, during the investigation, clarified a crime of fraud committed using the “web spoofing” technique, the alleged perpetrator made a publication of the rental of a property on a well-known online platform, managing to divert the victim's attention to a cloned website, with similar characteristics to the original, even making a bank transfer for the amount of 843 euros, events that occurred on the island of Lanzarote.
The Civil Guard became aware as a result of a complaint filed in March 2022 at the facilities of the Main Post of San Bartolomé, of the commission of a fraud taking advantage of the interest of the injured parties in renting a home through a website of recognized solvency. Therefore, after taking the necessary steps through the Internet and accessing through a (fraudulent) link to the cloned website to view the photos of the property and other characteristics for its rental, the corresponding bank transfer was carried out for a total amount of 843 euros.
Likewise, the injured person later realized that they had been the victim of a scam, as they never managed to contact the advertiser again or received a phone call from them within the agreed period. Finally, the members of the @ Lanzarote Team, within the tasks entrusted to them in the exercise of their specific functions in the area of Cybercrime, collected all the data on the events that occurred and carried out the appropriate police investigations, identifying the alleged perpetrator, being a citizen residing abroad. In this type of attack, cybercriminals publish rental properties on websites by cloning the original, to generate trust in the citizen and make them pay the agreed price with social engineering techniques.
What is WEB SPOOFING?
Web Spoofing consists of impersonating a real website with a fake one in order to carry out a fraudulent action. The fake website adopts the design of the website that is intended to be impersonated and even a similar URL. A more sophisticated type of attack consists of creating a “shadow copy” of the entire World Wide Web to ensure that the victim's traffic passes through the attacker, in this way all the victim's sensitive information is obtained. This type of attack manages to redirect a victim's connection through a fake page to other web pages with the aim of carrying out some fraudulent action associated with phishing to obtain information, such as usernames and passwords, from the traffic of said victim. In addition, it is possible for the attacker to send data to real page servers on behalf of the victim or from any web server to the victim.
Protecting corporate systems against hacking attempts
The Civil Guard makes some recommendations against piracy, such as using antivirus, firewalls and other tools, and carrying out frequent analysis of computers and devices to avoid infections from malicious code, keeping personal and business computers updated: pay attention to security alerts, update security patches, periodically perform system checks, make sure your email accounts are well protected and do not communicate the password, do not click on attachments that you are not expecting, even if they have names that sound harmless (for example, invoice), activate the spam mail filter and block access to suspicious websites or those that are blacklisted.
Prevention, identification and action against WEB SPOOFING
Web spoofing is difficult to detect; perhaps the best measure is some browser plugin that shows the IP of the visited server at all times: if the IP never changes when visiting different web pages, it will mean that we are probably suffering this type of attack. Another way to prevent this type of spoofing is to avoid using hyperlinks. For example, instead of using a link from an email, write the url of the web yourself. In addition, it is advisable to avoid using the same password on all websites since if you have been victims of this attack the damage will be less. If it has been determined that the website has been the target of impersonation, it will be necessary to collect information about it. This information will help identify the fraudulent website, determine if customer information has been stolen and know the identity of the attacker. It will be appropriate to go to court to report the theft of information and the incorrect use of brands
