The subtle difference between Spoofing and Phishing

It never struck me that there was a difference between Spoofing and Phishing. I always thought that they were one and the same thing. Many of us, no doubt, have the same idea, thus i will try and explain the difference for both our sakes.

Spoofing is the process of falsifying ones identity and masquerading as someone else. Simply put it just means impersonating somebody else. In general the aim of spoofing is not really defined. One just falsifies certain data that is critical for an authentication factor to identify an entity, and spoofing is in effect.

Phishing, however, is at a deeper level and it may be described as the act of impersonation in order to fool another entity into exposing certain otherwise confidential information. The aim in phishing is clearly defined, that is, to somehow extract information that would, under normal circumstances not be given to you.

The basic idea of this difference was gathered from this website: http://blogs.msdn.com/tzink/archive/2007/08/29/phishing-vs-spoofing.aspx . If my explanation is not clear enough you could follow the link and read up slightly more this area.