Email Spoofing

Revisiting Email Spoofing Attacks

The email system is the central battleground against phishing and social engineering attacks, and yet email providers still face key challenges to authenticate incoming emails. As a result, attackers can apply spoofing techniques to impersonate a trusted entity to conduct highly deceptive phishing attacks. In this work, we study email spoofing to answer three key questions: (1) How do email pro...

Towards the Adoption of Anti-spoofing Protocols for Email Systems

Email spoofing is a critical step of phishing, where the attacker impersonates someone the victim knows or trusts. In this paper, we conduct a qualitative study to explore why email spoofing is still possible after years of efforts to develop and deploy anti-spoofing protocols (e.g., SPF, DKIM, DMARC). First, we measure the protocol adoption by scanning 1 million Internet domains. We find the a...

Spoofing and Anti-Spoofing Measures

Speaker Recognition Anti-spoofing

Progress in the development of spoofing countermeasures for automatic speaker recognition is less advanced than equivalent work related to other biometric modalities. This chapter outlines the potential for even state-of-the-art automatic speaker recognition systems to be spoofed. While the use of a multitude of different datasets, protocols and metrics complicates the meaningful comparison of ...

Anti-spoofing, Voice Databases

As with any task involving statistical pattern recognition, the assessment of spoofing and anti-spoofing approaches for voice recognition calls for significantscale databases of spoofed speech signals. Depending on the application, these signals should normally reflect spoofing attacks performed prior to acquisition at the sensor or microphone. Since the collection of large quantities of any bi...