How does DNS spoofing work?

What will be an ideal response?

In a DNS spoof, the hacker changes a Web site's IP address to the IP address of the hacker's computer. Consequently, whenever a user from the target subnetwork sends a request for that Web site, DNS servers convert the host name to the incorrect IP address. Altering the IP address directs the user to the hacker's computer. Since the user is accessing the hacker's computer under the impression that he or she is accessing a different, legitimate, site, the hacker can then send malicious code to the user's computer. The hacked site might show an alert message suggesting that all users download a specific program to protect their computers from the dangerous W32/Willies Virus. Users might actively assist in their own demise, believing they are on the real site. DNS spoofing puts the spurious IP information into a cache on a DNS server, and this needs to be frequently refreshed if the spoof is to be long-running. While the spoof is in place, anybody who uses that specific DNS server will be directed to the bogus site.