14-03-2010, 07:45 AM
PHISHING
ABSTRACT:
Phishing is a general term for the creation and use by criminals of e-mails and websites “ designed to look like they come from well-known, legitimate and trusted businesses, financial institutions and government agencies “ in an attempt to gather personal, financial and sensitive information. These criminals deceive Internet users into disclosing their bank and financial information or other personal data such as usernames and passwords, or into unwittingly downloading malicious computer code onto their computers that can allow the criminals subsequent access to those computers or the users™ financial accounts.
Although phishing, identity theft and identity fraud are terms that are sometimes used interchangeably, some distinctions are in order. Phishing is best understood as one of a number of distinct methods that identity thieves use to steal information through deception “ that is, by enticing unwitting consumers to give out their identifying or financial information either unknowingly or under false pretenses, or by deceiving them into allowing criminals unauthorized access to their computers and personal data.
Identity fraud also can be used to refer to the subsequent criminal use of othersâ„¢ identifying information to obtain goods or services, or to the use of fictitious identifying information (not necessarily associated with a real living person) to commit a crime.
Phishing is committed so that the criminal may obtain sensitive and valuable information about a consumer, usually with the goal of fraudulently obtaining access to the consumerâ„¢s bank or other financial accounts. Often phishers will sell credit card or account numbers to other criminals, turning a very high profit for a relatively small technological investment.