What is spoofing?
Spoofing is generally a fraudulent or malicious practice in which communications are sent from an unknown source disguised as a source known to the recipient. Spoofing is most often found in communication mechanisms that do not have a high level of security.
Email spoofing is one of the most famous spoofs. Since Core-SMTP does not offer authentication, e-mails can easily be forged and impersonated. Fake emails can request personal information and appear to come from a known sender.
In the case of such emails, the recipient is asked to provide an account number for verification. The email spoofer then uses this account number for identity theft purposes, such as accessing the victim's bank account, changing contact details, and so on.
The attacker (or spoofer) knows that if the recipient receives a fake email that appears to be from a known source, it is likely that it will be opened and edited. A fake email can also contain additional threats such as Trojans or other viruses. These programs can cause significant computer damage by triggering unexpected activity, accessing it remotely, deleting files, and much more.