URL Spoofing


6300 Alderson St.
Weston, WI  54476

(715) 359-4221
Fax (715) 359-2056

            


URL spoofing is a technique criminals use to make the address of their web site appear to be the address of a legitimate site.  One semi-famous example is from a Russian crook who sent e-mails pretending to be from CitiBank.  The e-mail stated that CitiBank needed to confirm your e-mail address and directed you to click on a link that looked somewhat like this:

http://www.citibank.com:6%4685%59%77%@%2e%72%55
(This is not the actual link since I don't want to help this crook out.)

At first glance, this appears to be a legitimate web address (or URL) for citibank.com.  But it isn't.  What you end up getting is the real citibank.com web page with a 2nd small window from the crook's web server.  If you try to log in, you actually send your credit card info to someone in Russia!


The important thing to be aware of is that a web server name (like www.citibank.com) is almost always followed immediately by a slash (/) character. The only exception is where the name is followed by a colon (:), then a single number, and THEN the slash.

Take another look at this link:

http://www.citibank.com:6%4685%59%77%@%2e%72%55

There is no / anywhere after citibank.com, much less immediately after it.

Here are a few examples:


Notice that the hostname is followed by an underscore (_) and NOT a slash.  This is a falsified address that actually retrieves a page from www.hacker.ru and NOT www.citibank.com.


This time there is a : and a number (6) after the name, but there is no / immediately after the 6.  In this case, the crook also is trying to disguise the rest of the URL by using special codes.  (You can find a full list of these codes at http://i-technica.com/whitestuff/urlencodechart.html )


This address is legitimate.  Notice the / immediately after citibank.com?


This address is also legitimate.  The slash isn't immediately after citibank.com this time; however, the only thing between citibank.com and the / is a single colon and a single number (81).
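
The slash rule described above can be checked mechanically. The following Python sketch is an added example, not part of the original page: the name check_link and the sample links are constructed for illustration, and letting a link that ends right after the name pass is an assumption. It also reports the server the link really names, which is whatever follows the last @ sign.

```python
import re
from urllib.parse import unquote

# The page's rule: the server name is followed at once by "/", or by ":" and
# a single number and then "/". Assumption of this example: a link that ends
# right after the name (or after the number) also passes.
RULE = re.compile(r"[A-Za-z0-9.-]+(:\d+)?(/|$)")


def check_link(url):
    """Apply the slash rule and report which server the link really names."""
    scheme, sep, rest = url.partition("://")
    if not sep:
        raise ValueError("expected a link of the form scheme://...")

    # The name a reader sees first: the leading run of hostname characters.
    shown = re.match(r"[A-Za-z0-9.-]*", rest).group(0).lower()

    # The server part ends at the first "/", "?" or "#".
    authority = re.split(r"[/?#]", rest, maxsplit=1)[0]
    # Everything before the last "@" is login information, not the server.
    _, _, hostport = authority.rpartition("@")
    # Drop an optional ":port" and decode %XX codes (IPv6 literals not handled).
    real_host = unquote(hostport.partition(":")[0]).lower()

    follows_rule = RULE.match(rest) is not None
    return {
        "shown_name": shown,
        "real_host": real_host,
        "follows_rule": follows_rule,
        "suspicious": not follows_rule or real_host != shown,
    }


if __name__ == "__main__":
    # Constructed sample input: the disguised link shown on this page plus the
    # two legitimate forms it describes.
    for link in (
        "http://www.citibank.com:6%4685%59%77%@%2e%72%55",
        "http://www.citibank.com/",
        "http://www.citibank.com:81/",
    ):
        print(link, check_link(link))
```

For the disguised link on this page, the visible name is www.citibank.com while the decoded server part is only ".ru", because the page deliberately does not show the crook's actual link.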

There is one final trick to be aware of. It involves Microsoft's Internet Explorer.  Most versions of Internet Explorer have a flaw that allows an attacker to hide part of the address.  If your copy of Internet Explorer has this flaw, it is possible to make a fraudulent URL that looks like http://www.citibank.com when it is displayed in your web browser.

In other words, make sure you have all updates for your copy of Internet Explorer installed and don't simply trust what you see in the address bar.  For tips on checking the validity and security of a site, see the Security Check page.  

 

© D.C. Everest School District