Domain Name System spoofing, DNS spoofing in short, is a spoofing type in which the traffic from legitimate servers is diverted to fake ones. This is done by replacing IP addresses stored in the DNS servers with fake ones. The fake IP addresses are under the control of the spoofer. This means that when a user types in the website address, they will be directed to a fake website instead of the legitimate one. Often, the spoofer aims to install worms or viruses to the user’s computer through the fake website to get long-term access to the user’s data for their own gain.
One of the most common ways for DNS spoofing is DNS cache poisoning. With DNS cache poisoning, the fake IP addresses are entered into the temporary storage of previous DNS lookups on the machine’s operating system or the web browser. In other words, into the DNS cache.