Preface This article describes a security attack on the Internet, which may violate the privacy and data integrity of WWW users. This attack can be implemented on existing systems, hazarding the most common web browser users, including Netscape Navigator and Microsoft Internet Explorer users.
Allow an attacker to create a copy of the entire WWW world. The port of the image web enters the attacker's web server, and the attacker machine is filtered, allowing attackers to monitor any activities of the attacker, including accounts and passwords. An attacker can also send errors or easy misunderstand data to a real web server in the name of an attacker, and send data to an attacker in the name of any web server. Briefly, an attacker observes and controls everything that is attacked on the Web.
Spoof attack
In a spoofing attack, an attacker creates an easy-to-misunderstand context to induce an attacker to enter and make a decision to lack safety considerations. Deception attack is like a virtual game: an attacker establishes a mistake but a convincing world around an attacker. If the virtual world is true, everything you have made by an attacker is unless. But unfortunately, in the wrong world seems to be a reasonable activity may lead to catastrophic consequences in the real world.
Deception attacks are also common in real-purpose electronic transactions. For example, we have heard such things: Some Western criminals have established false ATM cash machines in public situations, which can accept the ATM card and ask the user's PIN password. Once this type of machine is obtained by an attacker's PIN password, it will either "eat card", or feedback "fault" and return to the ATM card. No matter which case, criminals get enough information to copy a exact same ATM card. Behind things can be imagined. In these attacks, people are often fooled by what they see: the location of the ATM cash machine, their shape and decoration, and the content of the electronic display, etc.
It is often based on what you see when using a computer system to complete a security requirements. For example, when accessing online banks, you may extract or store a certain number of deposits from the bank's account according to the bank web page you see. Because you believe that the web page you visit is the web page of the bank you need. Whether it is the appearance of the page, the URL address, or some other related content, it makes you feel very familiar, there is no reason not to believe. However, you are likely to be fooled.
