Phishing

Monday 2 April 2007

taken fom Wikipedia

In computing, phishing is a criminal activity using social engineering techniques.

Phishers attempt to fraudulently acquire sensitive information, such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication. Ebay and PayPal are two of the most targeted companies, and online banks are also common targets.

Phishing is typically carried out using email or an instant message, and often directs users to a website, although phone contact has been used as well.

Attempts to deal with the growing number of reported phishing incidents include legislation, user training, and technical measures.

The damage caused by phishing ranges from loss of access to email to substantial financial loss. This style of identity theft is becoming more popular, because of the ease with which unsuspecting people often divulge personal information to phishers, including credit card numbers, social security numbers, and mothers’ maiden names.

There are also fears that identity thieves can add such information to that they have gained through phishing simply by accessing public records. Once this information is acquired, the phishers may use a person’s details to create fake accounts in a victim’s name, ruin a victim’s credit, or even prevent victims from accessing their own accounts.

It is estimated that between May 2004 and May 2005, approximately 1.2 million computer users in the United States suffered losses caused by phishing, totaling approximately $929 million USD. U.S. businesses lose an estimated $2 billion USD a year as their clients become victims.

In the United Kingdom losses from web banking fraud — mostly from phishing — almost doubled to £23.2m in 2005, from £12.2m in 2004, while 1 in 20 users claimed to have lost out to phishing in 2005.