Spoofing & Impersonation Risks
What Is Spoofing?
When a user pretends to be someone else and the agent accepts it without verification.
High Risk When:
Users self-identify (name/email) No identity verification exists Sensitive data is provided based on claims
Prevention:
Implement authentication before access Use trusted identity systems
Authentication Methods:
Username & Password SSO (Single Sign-On) OAuth