ARP Spoofing: What It Is and How to Protect Yourself From It

ARP poisoning attacks can leave your computer and data exposed

Address Resolution Protocol (ARP) poisoning, also referred to as ARP poison routing, ARP cache poisoning, and ARP spoofing, is a form of malicious attack performed over a local area network (LAN) wherein the attacker imitates, or spoofs, ARP packages with the intention of intercepting data transfers and gaining access to a user’s computer, laptop, tablet, or other smart device.

What Is the ARP Poisoning Attack Scam?

ARP poisoning isn’t technically a scam as it’s very much a type of attack or hack. However, it's possible a scam may leave one more vulnerable to falling victim to an ARP spoofing or poisoning attack. For example, if a phone scammer convinced you to download a program from a fake website or a scam email containing malware, then this malware disabled your computer’s firewall settings and lowered its security, you could be more likely to be targeted by an ARP poisoning attack.

A man in a cafe drinking coffee and using a Windows 10 laptop.
Betsie Van Der Meer / Taxi / Getty Images

If you have fallen victim to an internet scam, there are several things you need to do and you may want to report the scammers.

It’s also possible you could be tricked into joining a wireless or wired internet connection or network owned by someone with the intent of performing an ARP spoofing attack on your computer once you’re connected, but this is extremely unlikely as such people usually just attack vulnerable networks that are already established, such as free wireless or wired internet spots in cafes, bookstores, and airports.

How Does the ARP Poisoning Scam Work?

ARP poisoning essentially works by an attacker deliberately sending spoofed or faked ARP packages over a network to a connected, unprotected, device. If effective, this strategy associates the Media Access Control (MAC) address of the attacker with the IP address of the victim and, once initiated, can essentially redirect all data through the hacker’s computer.

This vulnerability leaves the user open to session hijacking wherein the attacker can gain access to system settings and files and eventually even steal data. The user is also vulnerable to man-in-the-middle and denial-of-service (DoS) attacks which can reroute or modify traffic and disrupt or disconnect network and internet connections completely.

How Do the ARP Poisoning Scammers Find Victims?

Depending on the scale of the hack, ARP spoof attackers could deliberately target small or large businesses with the aim of stealing specific information or disrupting their services. For individual victims though, an ARP attack is usually the result of using a vulnerable device with low security settings while being connected to a public or private LAN.

How Do I Avoid Getting Involved in This Scam?

One of the best and easiest ways to avoid falling victim to an ARP attack is to constantly make sure your devices always have the latest operating system and security updates installed. You should also ensure your device’s firewall features are activated and that your anti-virus and malware programs are turned on and haven’t been switched off either by yourself, another user, or by a recently downloaded app or video game.

Some malware programs have specific features or settings that are designed to protect you from ARP poisoning attacks. If your malware program has these, make sure to turn them on.

Other ways to reduce your risk of being targeted by an ARP spoofing attack is to use a Virtual Private Networks (VPN), install a free firewall program with ARP protection features, and invest in an internet router that offers built-in shielding against ARP, DoS, and other similar hacks. If you’re an admin or manager of a company’s network, you may want to increase your system’s security by enabling unique usernames and passwords for each user and turning on packet filtering.

I’m Already a Victim. What Should I Do?

If you suspect you’re a victim of an ARP poisoning attack, you should disconnect yourself from the network immediately and perform a malware scan. You can also check your system status within Windows 10 by going to Settings > Update & Security > Windows Security to see if all of your device’s security measures are in place and active.

How Do I Avoid Being Targeted for the ARP Poisoning Scam?

To avoid being the target of an ARP attack, you should install a reliable malware protection program, sign up for a quality VPN service, and strive to keep your operating system and apps up-to-date at all times. It can also be a good idea to avoid public wired and Wi-Fi internet connections as these are frequently used by hackers to steal data from unsuspecting users.