What is phishing?
“Phishing” (pronounced “fishing”) refers to a form of fraud that attempts to acquire sensitive information (usually your username, also called login or loginID, and password) for use by spammers and thieves. There are many variations, such as someone calling on the telephone and pretending to be from your bank and asking you to give them your account number, credit card number and/or your social security number, but the scam is usually perpetrated by email. The most obvious characteristic of a phishing message is that it instructs you to provide sensitive information either by replying to the message, or clicking on a link and entering the information on a Web page. Always remember that there is no legitimate reason for anyone to request a password or other sensitive data via email, and you should not respond to any such message.
Recently there have been attempts by fraudsters to trick people into revealing their personal information, such as passwords, by creating fake web sites that look very much like the sites of legitimate financial institutions. They send out emails randomly with links to these fake web sites. This phenomenon has been called Phishing, (pronounced “fishing”).
Phishing is the term that is used to describe an e-mail scam that identity thieves use to trick people into giving out their personal information such as credit card or Social Security numbers. These e-mails appear to be from well known, established legitimate organizations and tell the recipient that they need to “respond immediately” regarding an issue with their account or that they have won a prize. The e-mails often contain a link which redirects you to completely phony site which looks legitimate, complete with the company logo that asks you to enter/update your personal information such as passwords, Social Security, bank account or credit card numbers which they then steal.
Phishing, (pronounced fishing), is the act of sending an e-mail to a user falsely claiming to be a legitimate enterprise in an effort to scam the user into surrendering private information. The e-mail directs the user to visit a web site where they are asked to update personal information, such as passwords and credit card, social security, and financial institution account numbers that the legitimate enterprise already has. The web site is designed to steal the user’s information, which is often used for identity theft. The e-mail may state something like, “Your account will expire if you do not log on and update your profile.
