In general, the term spoof refers to hacking or deception that imitates another person, software program, hardware device, or computer, with the intentions of bypassing security measures. One of the most commonly known spoofings is IP spoofing.
A method of bypassing security measures on a network or a way of gaining access to a network by imitating a different IP address. Some security systems have a way of helping to identifying a user by his or her IP address or IP address range. If the attacker spoofs their IP address to match this criteria, it may help bypass security measures. This technique is also used to deceive a web page, poll, or Internet contest into thinking the user is someone else, manipulating the site's automatically collected data.
E-mail or address spoofing
E-mail or address spoofing is the process of faking a sender's e-mail address to fool the recipient of the e-mail into thinking someone else sent them the message. This form of spoofing is commonly used to bypass spam filters or trick the user into thinking an e-mail is safe when in reality it contains an attachment infected with a virus, or spam.
Phone number or Caller ID spoofing
Anyone can fake the number or area code of from where they are calling. This type of spoofing is done by telemarketers to hide their true identity and by hackers to gain access to unprotected phone voicemail messages.
A common recent tactic used by telemarketers is to make calls using numbers that are similar to yours using caller ID spoofing. For example, you may be in the 801 area code with the prefix 123 and get numbers from 801-123-4567 or 801-232-7654. Although this form of telemarketing is illegal, telemarketers use this tactic because more people are likely to answer phone calls from local numbers.
Web page spoof
A fake web page or spoof on another commonly visited page. For example, a malicious user may create a spoof page of Microsoft's, eBay, PayPal or Google's homepage that looks identical but is hosted on a different server. These pages are commonly used in phishing e-mails to extract information from the user such as usernames and passwords or send malicious files to them. Web page spoofing may also be done through IP cloaking.
Another form of web page and domain spoofing is domain squatting. Where a person may register a domain that is similar to another domain to redirect its visitors or pretend to be the company for phishing attacks.