http://1stinkinpercent.livejournal.com/ (![[identity profile]](https://www.dreamwidth.org/img/silk/identity/openid.png)
1stinkinpercent.livejournal.com) wrote in ![[community profile]](https://www.dreamwidth.org/img/silk/identity/community.png)
fandomhigh2014-08-04 07:34 am
1stinkinpercent.livejournal.com) wrote in fandomhigh2014-08-04 07:34 am
Entry tags:
Hacking 101; Monday; Period 2
Once again, class was in the computer lab and Riley was at the front of the room, tapping away on his laptop while he waited for everyone to settle down. When it was time for class to start, he got up and got right to it.
"Today, we're gonna work on spoofing attacks," Riley started. "It's basically what it says on the tin, right there. A spoofing attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gaining an illegitimate advantage. In simpler terms, it means that the hacker poses as a legitimate site or person or anything and successfully lures the victim into believing it. Once the victim is lured in, the hacker either now has access to their system or might have even convinced the poor victim to send them money. Ever heard of those Nigerian email scams? That's similar to a spoofing attack."
He hoped no one had fallen for one of those here because, yeah. Those didn't turn out fun in the end.
"Your task today is to work up something that might fool the layman in terms of spoofing. Whether it be a website that you can convince someone to visit and log into so you now have all their information or an email that someone downloads and attachment from and the attachment's really a rootkit which means you're into their system or anything else. I'm going to pass out some more information on spoofing attacks and your computers are all set up with the tools you need to create whatever you might wanna create so it's really up to you. Just remember that it has to look like it's the real deal and it can't be kooky because while the savvy user will know to avoid, that's not who you're looking to lure in. Try to lure in the person who barely knows what social media is and thinks that the email saying they won ten thousand dollars for a contest they don't remember entering is a blessing. Go."
And Riley let them get to work.
"Today, we're gonna work on spoofing attacks," Riley started. "It's basically what it says on the tin, right there. A spoofing attack is a situation in which one person or program successfully masquerades as another by falsifying data and thereby gaining an illegitimate advantage. In simpler terms, it means that the hacker poses as a legitimate site or person or anything and successfully lures the victim into believing it. Once the victim is lured in, the hacker either now has access to their system or might have even convinced the poor victim to send them money. Ever heard of those Nigerian email scams? That's similar to a spoofing attack."
He hoped no one had fallen for one of those here because, yeah. Those didn't turn out fun in the end.
"Your task today is to work up something that might fool the layman in terms of spoofing. Whether it be a website that you can convince someone to visit and log into so you now have all their information or an email that someone downloads and attachment from and the attachment's really a rootkit which means you're into their system or anything else. I'm going to pass out some more information on spoofing attacks and your computers are all set up with the tools you need to create whatever you might wanna create so it's really up to you. Just remember that it has to look like it's the real deal and it can't be kooky because while the savvy user will know to avoid, that's not who you're looking to lure in. Try to lure in the person who barely knows what social media is and thinks that the email saying they won ten thousand dollars for a contest they don't remember entering is a blessing. Go."
And Riley let them get to work.
OOC [HACK 101 08/04]