2LRN4 security awareness platform
NL · EN
← Back to overview

Spoofing

You are focused on your work when an email appears from a colleague. The message is urgent, well-written and seems legitimate. Still, something feels off. At that moment, knowledge about spoofing can prevent serious damage.

In the e-learning Spoofing, employees learn what spoofing is: the act of falsifying characteristics to temporarily assume a false identity. Cybercriminals impersonate colleagues, managers, banks or authorities to exploit trust and manipulate victims.

The course explains the most common forms of spoofing.

Email spoofing involves messages that appear to come from a trusted sender, often with only a subtle difference in the email address.

Website and URL spoofing uses fake websites that closely resemble legitimate ones, designed to steal login credentials or financial details.

Phone spoofing relies on falsified caller IDs, making calls appear to originate from trusted organisations.

IP spoofing, a more technical method, is also covered to raise awareness of organisational risks.

Through realistic scenarios, participants learn what to watch for. Spoofing attacks almost always rely on urgency, authority or emotional pressure. The course therefore emphasises the importance of slowing down, checking details and verifying requests.

In the story-driven video Eva and Spoofing, participants see how awareness works in practice. Eva encounters multiple warning signs: suspicious notifications, a misspelled website name and a QR code leading to a fake banking site. By choosing not to act immediately and stepping away, she avoids becoming a victim.

The course clearly explains what to do when spoofing is suspected: do not click, do not respond, and report the incident immediately to IT or security teams. Early reporting helps protect colleagues and limit damage.

The key message is simple and effective: do not trust blindly — always verify. By staying alert and validating requests, employees form a strong defence against spoofing attacks.

What will participants learn?

After completing this course, participants will:

  • understand what spoofing is
  • recognise different types of spoofing attacks
  • know how spoofing exploits trust and urgency
  • identify warning signs in emails, websites and phone calls
  • verify requests safely and correctly
  • respond appropriately and report incidents in time

Who is this course for?

This course is suitable for:

  • all employees using email, phone or the internet
  • organisations aiming to prevent fraud and data breaches
  • teams without technical security expertise
  • employees strengthening their cyber awareness

Why this course is relevant right now

Spoofing is one of the most common techniques used in cybercrime. Training employees to recognise and respond correctly significantly reduces financial loss and security incidents.