Covers DNS spoofing attacks where threat actors manipulate Domain Name System records to redirect users to malicious websites. Articles explain how DNS cache poisoning works, its impact on data security, and countermeasures like DNSSEC and secure resolver configurations.
posts
In April 2024, researchers at Akamai discovered a massive DNS hijacking campaign targeting financial institutions across Southeast Asia. Attackers poisoned DNS caches at the ISP level, silently redirecting thousands of banking customers to pixel-perfect phishing sites. Victims entered their credentials on pages that looked identical to their bank's
The CEO Email That Wasn't From the CEO In early 2025, a mid-sized logistics company wired $3.1 million to a bank account in Hong Kong. The CFO had received an email — apparently from the CEO — requesting an urgent wire transfer for a confidential acquisition. The email address
In August 2024, the FBI's Internet Crime Complaint Center warned that business email spoofing remained one of the top reported cybercrime vectors, with Business Email Compromise (BEC) losses exceeding $2.9 billion in 2023 alone. That number doesn't even capture the full picture — because spoofing extends
In April 2018, attackers hijacked the DNS servers used by MyEtherWallet and redirected users to a phishing site hosted in Russia. The entire attack lasted roughly two hours. In that window, victims lost around $17 million in cryptocurrency — simply because their browsers resolved a legitimate domain name to a malicious
In March 2022, the FBI warned that business email compromise schemes — many of which rely heavily on spoofing — had caused over $43 billion in global losses since 2016. That's not a typo. Forty-three billion. And the most unsettling part? The attacks didn't require elite hacking skills.
In July 2020, a seventeen-year-old in Florida used phone-based spoofing and social engineering to compromise internal Twitter tools, hijacking the verified accounts of Barack Obama, Elon Musk, Jeff Bezos, and Apple. The attackers impersonated IT staff during phone calls to Twitter employees, spoofing caller IDs to appear legitimate. Within hours,
In April 2022, researchers at Avast discovered that the GhostDNS botnet had compromised over 100,000 home routers across Brazil — silently redirecting banking customers to pixel-perfect phishing pages. Victims typed their real bank URLs into their browsers. The addresses looked correct. But every keystroke landed on a threat actor'
In 2023, a finance employee at the multinational firm Arup wired $25 million to threat actors after a deepfake video call that spoofed the company's CFO and several colleagues. Every face on the screen was fake. Every voice was synthesized. The employee had no reason to doubt what
A Single Spoofed Email Cost This Company $46.7 Million In 2016, FACC Operations GmbH, an Austrian aerospace parts manufacturer, lost €42 million (roughly $46.7 million USD) after attackers sent a spoofed email impersonating the company's CEO. The finance department wired the money to accounts controlled by
Your Employees Think They're on Your Bank's Website. They're Not. In April 2022, researchers at Avast documented a campaign where threat actors compromised home routers to execute a DNS spoofing attack that redirected users trying to visit legitimate banking sites to near-perfect credential theft
