Quiz Entry - updated: 2026.07.14
What is Spoofing in STRIDE and what security property does it violate?
Pretending to be someone or something you're not — it violates Authentication.
Spoofing:
| Aspect | Description |
|---|---|
| Property violated | Authentication |
| Definition | Pretending to be someone/something you're not |
| Examples | Phishing emails, caller ID spoofing, deepfakes, stolen credentials |
Why it matters: If an attacker can successfully spoof an identity, they gain unauthorized access to systems and data.
Mitigation:
- Multi-Factor Authentication (MFA)
- Digital certificates
- Biometrics
- Strong password policies
Go deeper:
STRIDE model (Wikipedia) — Spoofing ↔ Authenticity within the full six-category mapping.