Spoofing refers to a practice where attackers will change information in an e-mail header or in packets of information being sent over the Internet to make it look like the information came from another source.
One of the more common methods used to get a person to open a mail message containing a virus or Trojan is to spoof the address that appears in the "from" field. If the message appears to come from a friend or acquaintance, or a place where the person has an e-Commerce account, it is more likely to be opened.
Phishing attacks will usually combine this false e-mail information with a link to a spoofed web site. The web site will look like a person's bank or an e-Commerce site because the attacker has copied graphics and logos from the real site. The attacker may use an html link in the e-mail that makes it look like the legitimate company, too. Although there are methods that a knowledgeable person can use to distinguish these spoofed messages and web sites, it's best just to treat any information in an unsolicited e-mail with suspicion.