Phishing takes its name from Password Harvesting Fishing. Phishing is a kind of e-mail fraud wherein the perpetrator sends out legitimate-looking e-mails, typically with links to fraudulent Web sites that appear to come from well-known and trustworthy sources. Phishers attempt to gather personal and financial information from the recipient for purposes of identity theft. Phishing frauds are now the Internet's biggest identity theft scam. Phishing attacks use both social engineering and technical deceptions to steal members' personal identifiers and financial account credentials. Social-engineering schemes send official looking e-mails that provide links to counterfeit Web sites designed to lure recipients into divulging sensitive personal data such as credit card numbers, account usernames, passwords and Social Security numbers. The success rate for Phishers is staggering. Phishers can replicate Web sites and other branding of businesses, banks, merchants and credit card companies so well that an estimated 3%-5% of recipients unknowingly furnish Phishers with data. Many Phishing sites host Spyware. While the user's identity is being stolen, his or her computer is being set up for future malicious activities. |