What is IP Spoofing?

Page content

There are many dangers in the online world that make surfing the web a perilous journey for the uninitiated. Among the most common dangers are viruses, Trojan horses, commercial fraud, and identity theft. One particular danger for online web users involves the undetected redirection of an Internet browser from one site to another.

A Definition of IP Spoofing

IP Spoofing, sometimes known as IP Address Forgery or Host Hijacking, is a method of hijacking browsers by redirecting the Internet user to a fraudulent website. The perpetrator of an IP Spoof is called a cracker because he/she must have the ability to crack several networks in order to perpetrate this crime.

Website spoofing is the technique of hijacking a website, removing the owner’s content, and replacing it with some other content. The cracker could be a disgruntled consumer, ex-employee, or someone completely unrelated to the owner of the website. Often, the cracker will replace the owner’s website content with something vulgar or distasteful to attract media attention and tarnish the owner’s or business’ reputation.

IP Spoofing is a bit different from Website Spoofing although typically the same motivation applies. Instead of hijacking the owner’s website and replacing its content, the cracker instead hijacks the website’s IP address and redirects the Internet browser to an unintended destination. The destination may contain the vulgar content discussed above or it may be a replication of the original owner’s website in an attempt to gain sensitive information like passwords or credit card numbers from an unsuspecting victim.

How IP Spoofing Works

Without getting too technical, an IP Spoof works something like this. An Internet user types in some address in the address bar of his/her Internet browser. Let’s say, for example, that the user wants to go to a bank’s website to check a checking account balance.

The cracker, who has hijacked the IP address of the bank, redirects the Internet user to another site. Again, this site may contain distasteful content such as nude pictures but often the spoofed site will contain a replica of the bank’s website. The Internet user, not aware that he/she did not arrive at the website he/she intended to visit, innocently types in a user name and password that the cracker may gather from the victim to be used for identity theft purposes.

Protecting Yourself from IP Spoofing

IP Spoofing is difficult to detect but there are a few things you can do to protect yourself. First, many web browsers give a quick “click” whenever the user surfs to a website or the user is redirected to another site. If your browser clicks many times in a row, a cracker may be redirecting you from site to site to cover his/her tracks. If you suspect IP Spoofing, close your browser immediately and contact the owner of the site.

Second, look for clues on a website that give telltale signs that the website you are viewing is not the real one. Look for misspellings, drawn out and nonsense sentences, and any feature of the site that look unprofessional. This is especially true of banks and other financial services websites. Many times the cracker lives in a foreign country and doesn’t have a good grasp of the English language. It’s unlikely that a bank, for example, would display an unprofessional appearance so this is a red flag to alert you to a possible IP Spoof and identity theft attempt.


IP Spoofing and IP Address Forgery are but some of the many dangers surfing the Internet. Spoofing of this kind can lead to identity theft and other crimes perpetrated on an unsuspecting victim. If you suspect that the website you are viewing is fraudulent, close your browser and double check with the website owner. It’s better to be safe than sorry when it comes to identity theft.