In an aspect, a wireless node performs a first RSRP measurement of an RS-P based on a first set of samples within a first time window of an RS-P symbol or resource, and determines whether a spoofing attack is associated with RS-P based on the first RSRP measurement and one or more other RSRP measurements of one or more other sets of samples within one or more earlier time windows of the RS-P symbol or resource. The wireless node transmits, to a communications device (e.g., position estimation entity), an indication (e.g., in a measurement report) of the spoofing attack determination. The communications device performs at least one action based at least in part upon the indication of the spoofing attack determination.