Spoofing

Spoofing is falsifying an identity to impersonate a trusted source — email sender, IP, MAC, ARP, DNS, or caller ID. Different spoofing types have different countermeasures: SPF, DKIM, and DMARC authenticate email senders; DNSSEC signs DNS records; dynamic ARP inspection blocks ARP spoofing. Spoofing is rarely the end goal — it’s typically the opening move that enables phishing, MITM, or session hijacking.