CAPEC 156

An attacker constructs a message such that the constructed message is capable of masquerading as an authorized message from some other principal. As a result, consumers of these messages can be manipulated into responding or processing the deceptive message. Spoofing attacks assume that some piece of content or functionality is associated with an identity and that the content is trusted by the target because of this association. Spoofing refers to the falsification of the content and/or identity in such a way that the target will incorrectly trust the legitimacy of the content. The attacker then uses this content to execute an attack. For example, an attacker may modify a financial transaction between two parties so that the participants remain unchanged but the amount of the transaction is increased. If the recipient cannot detect the change, they may incorrectly assume the modified message originated with the original sender. Spoofing may involve an attacker crafting the content from scratch or capturing and modifying legitimate content.