An attacker crafts a message that masquerades as a message from a
						principal other than the actual message sender. This may involve having the
						attacker create content for the purpose of making it appear to originate
						from a legitimate "spoofed" source. Phishing and Pharming attacks often
						attempt to do this so that their attempts to gather sensitive information
						appear to come from a legitimate source. Alternatively, an attacker may
						intercept a message from a legitimate sender and attempt to make it look
						like the message comes from them without changing its content. The latter
						form of this attack can be used to hijack credentials from legitimate users.
						This attack need not be limited to transmitted messages - any resource that
						is associated with an identity (for example, a file with a signature) can be
						the target of an attack where the attacker attempts to change the apparent
						source. This attack differs from Content Spoofing attacks since, in Content
						Spoofing, the attacker does not wish to change the apparent source of the
						message but instead wishes to change what the source appears to say. In an
						Identity Spoofing attack, the attacker is attempting to change the apparent
						source of the content.