The vulnerability of biometric systems to external attacks using a physical artefact in order to impersonate the legitimate user has become a major concern over the last decade. Such a threat, commonly known as ‘spoofing’, poses a serious risk to the integrity of biometric systems. The usual low-complexity and low-cost characteristics of these attacks make them accessible to the general public, rendering each user a potential intruder. The present study addresses the spoofing issue analysing the feasibility to perform low-cost attacks with self-manufactured three-dimensional (3D) printed models to 2.5D and 3D face recognition systems. A new database with 2D, 2.5D and 3D real and fake data from 26 subjects was acquired for the experiments. Results showed the high vulnerability of the three tested systems, including a commercial solution, to the attacks.