Internet phishing appears to be
growing, with kits available to help apprentice criminals get into the industry.
Phishing is a scam that uses official looking e-mails. A related scam is pharming where internet surfers are
redirected by an e-mail or a hi-jacked web address to a bogus site that looks
like the users’ genuine site. The bogus site collects user names and passwords
or attempts to lure financial information from the visitor.
Phishing emails can get around spam
filters as they mimic authentic communications from a trusted source. According to internet security provider
Verisign, up to 5% of people receiving a phishing attack have given
away details of their bank accounts.
Last year, UK based web service provider Netcraft identified 41,000
phishing web sites, almost two-thirds of which targeted eBay and
PayPal’s 68 million users. Whilst the bulk of phishing URLs use the
.com domain, Netcraft reported that about 3.3% of Romania’s .ro
hostnames appeared to be phishing sites.
Phishing kits comprise software tools
that show the would-be scammer how to imitate web sites and make mass mailings
and they may even include lists of e-mail addresses.
reports that anti-virus software developer McAfee was targeted late last year by
phishers who sent bogus e-mails purporting to be from the company warning about
a new Trojan.
Bogus emails from charities are also
being used by phishers with the Red Cross being one of the top-phished web
Westpac suffered a widely publicised
phishing attack in 2004 in which customers were sent mail that directed them to
a fake site and instructed them to log in to verify their credentials.