Cyber Doc logo Cyber Doc
Cybersecurity Term

What is DNS spoofing?

Manipulating name resolution so users are sent to the wrong online destination.

Network Security Last reviewed: 2026-05-20

← Back to Learn Centre

What is DNS spoofing?

DNS spoofing tricks a device or user into resolving a trusted name to the wrong address.

Simple example

A user types a legitimate website name but is silently redirected to a fake server controlled by an attacker.

Why it matters

DNS issues can redirect users, expose credentials, or interrupt access to real services.

Common warning signs

  • The activity is unexpected or unusual for the business context.
  • The request or system behaviour creates pressure to act quickly.
  • Normal approval, verification, or security processes are bypassed.
  • There are signs of unauthorised access, data exposure, or system change.
  • Staff are unsure whether the request, message, or system behaviour is legitimate.

Cyber Doc view

This term should be understood in business context, not only as a technical issue. Good protection usually combines clear processes, appropriate technical controls, staff awareness, and a calm response plan.

What to do

Proactive steps

  • Use reputable DNS services.
  • Keep routers and DNS settings protected.
  • Use HTTPS and heed certificate warnings.
  • Monitor unexpected DNS changes.
  • Protect domain registrar and DNS accounts with MFA.

Reactive steps

  • Check DNS settings on affected devices and routers.
  • Review domain and hosting DNS records.
  • Change exposed admin passwords.
  • Flush or reset affected DNS settings.
  • Investigate whether users entered credentials on fake sites.

Related terms

  • Man-in-the-middle attack
  • Domain security
  • Phishing