An attacker manipulates either egress or ingress data from a client within
						an application framework in order to change the content of messages and
						thereby circumvent the expected application logic. Performing this attack
						allows the attacker to manipulate content in such a way as to produce
						messages or content that look authentic but may contain deceptive links,
						spam-like content, or links to the attackers code. In general,
						content-spoofing within an application API can be employed to stage many
						different types of attacks varied based on the attacker's intent. When the
						goal is to spread malware, deceptive content is created such as modified
						links, buttons, or images, that entice users to click on those items, all of
						which point to a malicious URI. The techniques require use of specialized
						software that allow the attacker to man-in-the-middle communications between
						the web browser and the remote system in order to change the destination of
						various application interface elements.