Email and other kinds of information being sent over the Internet is vulnerable to sniffing, the interception and reading of messages in transit. Encryption, authentication and identification methods, discussed later, can minimize the risk of having your confidential messages read.
The packets passing along the Internet have header information that is intended to identify where they are coming from but good hackers and crackers can generate packets with enough correct authorized source information to fool a network into thinking the packets are okay. Once inside, the packets can do their work.
In an attempt to increase security, organizations sometimes set up internal servers which restrict access to a list of computers, known by their IP addresses. But a good hacker can find IP addresses and use them to pretend to be from a “friendly” machine. Spoofing is an active kind of security attack in which a machine on a network “masquerades” as another machine, either to lure other machines into sending it data or to receive and alter data from other machines who think it is the intended recipient of the packets of data.