Phish,
or phishing, is a rapidly growing form of fraud that seeks to fool
web users into divulging private information by mimicking a legitimate
website.
In a typical scenario, unsuspecting users get an urgent sounding
(and authentic looking) email telling them there is a problem with
their account that they must immediately fix to avoid account termination.
The email will include a URL to a website that looks exactly like
the real thing. It is simple to copy a legitimate email and a legitimate
website but then change the so-called backend, which receives the
collected data.
The email tells the user to log on to the site and confirm some
account information. A hacker receives data a user provides, such
as a logon name, password, credit card number, or social security
number.
Phish fraud is fast, cheap, and easy to perpetuate. It is also
potentially quite lucrative for those criminals who practice it.
Phish is hard for even computer-savvy users to detect. And it is
hard for law enforcement to track down. Worse, it is almost impossible
to prosecute.
Please report to Trend Micro any
website you suspect to be a phishing site.