Spoofing involves masking the identity of a person, group or organisation, by manipulating addresses, identifiers or other data used to identify a user or system. This can range from falsifying IP addresses, phone numbers and email addresses to generating persuasive, fake signals capable of disrupting the reception of legitimate GPS signals by receivers. The article aims to analyse the criminal liability of spoofing attacks, with a focus on CLI spoofing. Additionally, the article will identify the most common methods used by perpetrators of spoofing attacks. This will be followed by an examination of the statutory measures implemented in Poland to mitigate the effects of spoofing attacks, which are considered as reasons for criminal responsibility. The article confirms the research hypothesis that effective reduction of CLI spoofing requires not only legislation that introduces criminal liability for spoofing, but also appropriate legal regulations that impose certain obligations on telecommunications entrepreneurs, efficient international cooperation, and comprehensive education in the fields of cybersecurity and cyber hygiene