Definition: Email spoofing is the act of forging the header information on an email so that it appears to have originated from somewhere other than its true source. The protocol used for email, SMTP (Simple Mail Transfer Protocol), does not have any authentication to verify the source. By changing the header information, someone can make an email appear to come from whomever they choose. Miscreants can even copy the targeted organization's logo and formatting, to give the email an authentic look and feel.
Email spoofing is used by virus authors. By propagating a virus with a spoofed email source, it is more difficult for users who receive the virus to track its source to stop the virus.
Email spoofing is also used by distributors of spam to hide their identity. In March 2009, About.com's daily newsletter was the victim of a high volume of spoofed email from spammers attempting to sell Viagra. Because the email contained About.com's logo and address, some recipients believed it actually originated from About.com.