What is Phishing and How Not to be a Victim of Phishing
Information provided by the United States Department of Justice
Consumers will receive "spoofed" e-mails (e-mails that appear to belong to legitimate business such as financial institutions or online auction sites). These e-mails will typically redirect consumers to a "spoofed website", appearing to be from that same business or entity. Similarly, many consumers receive "pretext" phone calls (phone calls from persons purporting to be with legitimate institutions or companies) asking them for personal information. In fact, the criminals behind these e-mails, websites and phone calls have no real connection with those businesses. Their sole purpose is to obtain the consumers' personal data to engage in various fraud schemes.
The term phishing is a general term for the creation and use by criminals of e-mails and websites - designed to look like they came from well-known, legitimate and trusted businesses, financial institutions and government agencies - in an attempt to gather personal, financial and sensitive information. These criminals deceive internet users into disclosing their bank and financial information or personal data such as usernames and passwords, or into unwittingly downloading malicious computer code onto their computers that can allow criminals subsequent access to those computers or the users' financial accounts.
Although phishing, identity theft and identity fraud are terms that are sometimes used interchangeably, some distinctions are in order. Phishing is best understood as one of a number of distinct methods that identity thieves use to "steal" information through deception - that is, by enticing unwitting consumers to give out their identifying or financial information either unknowingly or under false pretenses, or by deceiving them into allowing criminals unauthorized access to their computers or personal data. The United States and some other countries use the term "identity theft" and the United Kingdom often uses the term "identity fraud" to refer broadly to the practice of obtaining and misusing others' identifying information for criminal purposes. identity fraud also can be used to refer to the subsequent criminal use of others' identifying information to obtain goods or services, or to the use of fictitious identifying information (not necessarily associated with a real living person) to commit a crime.
Phishing is committed so that criminals may obtain sensitive and valuable information about a consumer's bank or other financial accounts. Often "phishers will sell credit card account numbers to other criminals, turning a very high profit for a relatively small technological investment.
The Scope of Phishing
There are no comprehensive statistics on the number of persons whose personal information is obtained through phishing schemes or or the total dollar losses attributed to phishing related fraud. There are clear indications, however, that phishing has grown substantially over the past two years and has become a matter of concern throughout North America and other regions of the world.
A leading multinational industry coalition tha on phishing, the Anti-Phishing Working Group (APWG), issues regular reports about the current volume and types of phishing attacks. The APWG's most recent statistics for August 2006 show the growth and variety of phishing attacks over the past year and more.
Report Charts are provided by the Anti Phishing Work Group
For more about Phishing visit the Phishing Archives
|