Proof of work requires that in order for a block to be replaced with an alternate a sufficient PoW is required. Using an alternate mining operation the equivalent power of the rest of the global mining (yes, all of it) it would be possible in theory to do this in an average of ten minutes by which time there would be on average another new block to build upon meaning that the attacker would also have to build an additional two blocks in order, by then, to present a longer chain.

So, that's an average of 30 minutes work using more mining hash power than exists in all of the rest of the network in order to complete the work in less than approximately 20 minutes after first receiving the block to be tampered with.

This is effectively a 51% attack. With a 51% attack, this would, theoretically at least, be possible.

Occasionally, two blocks are found and distributed to the network at the same time. The one that is built on first is the blockchain, the one that is not is orphaned. It is pretty much foolproof.

The hash that identifies a block is calculated from the block header. This hash must fulfil the difficulty requirements. Every node will check any block that they receive for validity. Since it requires a lot of proof of work to create a block whose hash fulfils the difficulty statement, it's infeasible to fake blocks and trivial to verify valid blocks.