What is Phishing?

Phishing is a one of the fastest-growing cybercrimes and costs consumers millions of dollars each year.  Pronounced "fishing", is named from spammers using fraudulent email messages to "fish" for information in an attempt to get their recipients to divulging personal data like credit card numbers, bank account numbers, social security numbers, and passwords.  Phishing is typically carried out by email or instant messaging, and often directs users to give details at a particular website.  It is one of the biggest threats on the internet and users need to be made more aware of what it is and what it can do.    Phishing is so prevalent on the internet that if you receive an email supposedly from your bank, it’s likely to be either a criminal attempt to get your login details or a real email warning you to be careful of this scam.

The rapidly growing class of identity theft scams on the internet has caused both short-term and long-term economic damage, faced by millions of people every day.  First appearing more than ten years ago, phishing has grown to become the international electronic crime of choice for both amateurs and professionals alike.  This scam typically works like this: a scammer sends you an email message making it seem like it is an official message from a company you may have financial or other interests with, like your bank, PayPal, or eBay, and ask for your personal information such as social security number, account number or password.  These emails are also becoming more personalized, making them more believable to their victims and has become such a problem on AOL that they added a message on their instant messenger stating: "no one working at AOL will ask for your password or billing information".  These types of attacks have outnumbered e-mails infected with viruses and trojans.  Most methods of phishing use some form of deception designed to make a link in an email appear to belong to a legitimate organization, while in fact it sends you to a bogus website.  If you get a suspicious email contains a URL link, don't click on it, roll your mouse over the link and see if it matches what appears in the email.  Learn to recognize spoof emails by checking web addresses and security indicators, such as a locked padlock on the browser frame.  As a general rule, never click on emails coming from unknown sources.  Spam filters can help by reducing the number of phishing emails that users receive, however spammers often use poor spelling, bad grammar, missing words and logic gaps to get around the filters.

Phishing is the fastest growing crime which everyone on the internet is susceptible to, an old con game taking advantage of new technology.  It is so prevalent because it is such a low-cost and low-effort activity.  Phishing attacks are likely to grow more sophisticated and our defenses against them must continue to improve to combat them.