Sophisticated Internet phishing scams are luring even well trained computer users. The so-called phishing attacks have become increasingly elaborate, often building on the trust of their victims before reeling them in. In a phishing scam, con artists persuade consumers to reveal sensitive personal information. The bait is a bogus website–designed to look exactly like a bank, online auction site or government agency.

it typically starts with an email requesting billing or financial information, allegedly necessary to prevent the termination of the user’s account. The ominous email will direct the recipient to a website that looks nearly identical to an existing company’s website.

The unwary consumers will be asked for Social Security numbers, financial information or passwords. If they bite, the phishers gain all the information they need to commit identity theft. They’ll use the information to make fraudulent purchases, obtain credit or open other accounts in the victim’s name.

In some cases, con artists are patient. During the first phase of the attack, they direct potential victims to a legitimate webpage of a bank or financial institution to read a warning about password security or Internet fraud. Then, a week or two later, the same thieves will send them another email, urging the recipients to create new passwords using the very guidelines from the webpage they were directed to the week before. This time, though, they’re directed to a fake site. And when they enter their information, the phisher captures the new password and access to their personal data.

Bookmark: