Attacks & Threats
DNS Spoofing
Also known as: DNS forgery
Definition
An attack that injects falsified DNS responses to redirect victims from a legitimate domain to an attacker-controlled IP address.
Examples
- Forged responses redirecting banking domain queries to a phishing page.
- Attackers on an open Wi-Fi network answering DNS queries before the legitimate resolver.
Related terms
DNS Cache Poisoning
An attack that inserts forged records into a DNS resolver's cache so subsequent queries return attacker-chosen addresses until the TTL expires.
DNS Hijacking
An attack that redirects DNS resolution to attacker-controlled answers by modifying client settings, router configurations, resolver responses, or authoritative DNS records.
Pharming
An attack that silently redirects users from a legitimate site to a malicious one by tampering with DNS, hosts files, or local routing — without requiring the victim to click a link.
Man-in-the-Middle Attack
An attack in which an adversary secretly relays or alters communications between two parties who believe they are talking directly to each other.
DNSSEC
A set of DNS extensions that cryptographically sign zone data so resolvers can verify the authenticity and integrity of DNS responses.
DNS over HTTPS (DoH)
A protocol that carries DNS queries and responses over an encrypted HTTPS connection, protecting them from eavesdropping and tampering on the local network.