This is accomplished fairly easily. During the communication from the client to the server when it makes a simple GET request from the server, there are headers which are optionally sent with that request. One of these headers is the "Referer" header.
Give this a shot, and see how easy it is to spoof the Referer during a Web Request:
If you type it in correctly, you should see the response from the server in the form of HTML. You should notice right away that it reports the HTTP_REFERER:http://www.aspfree.com/devlinks. Now try the exact same thing, but change te Referer to anything you wish. Notice the ouput of the page also changes to reflect this new referer.
Bottom line, never trust the Referer server variable.