What is Phishing ? An email fraud method

Phishing is an e-mail fraud method in which the perpetrator sends out legitimate-looking email in an attempt to gather personal and financial information from recipients. Typically, the messages appear to come from well known and trustworthy Web sites. Web sites that are frequently spoofed by phishers include PayPal, eBay, MSN, Yahoo, BestBuy, and America Online. A phishing expedition, like the fishing expedition it's named for, is a speculative venture: the phisher puts the lure hoping to fool at least a few of the prey that encounter the bait.

Phishers use a number of different social engineering and e-mail spoofing ploys to try to trick their victims. In one fairly typical case before the Federal Trade Commission (FTC), a 17-year-old male sent out messages claiming to be from America Online that said there had been a billing problem with recipients' AOL accounts. The perpetrator's e-mail used AOL logos and contained legitimate links. If recipients clicked on the "AOL Billing Center" link, however, they were taken to a spoofed AOL Web page that asked for personal information, including credit card numbers, personal identification numbers (PINs), social security numbers, banking numbers, and passwords. This information was used for identity theft.

The FTC warns users to be suspicious of any official-looking e-mail message that asks for updates on personal or financial information and urges recipients to go directly to the organization's Web site to find out whether the request is legitimate.

Phishing, also referred to as brand spoofing or carding, is a variation on "fishing," the idea being that bait is thrown out with the hopes that while most will ignore the bait, some will be tempted into biting.

Phishing Filter

Phishing Filter offers dynamic new technology to help protect you from Web fraud and the risks of personal data theft. Scams known as "phishing scams” typically attempt to lure you into visiting phony Web sites where your personal information or credit card information can be collected for criminal use. This form of identity theft is growing quickly on the Web.

Three ways Phishing Filter helps protect you

Phishing Filter includes several patent-pending technologies designed to warn or block you from potentially harmful Web sites.

1.	A built-in filter in your browser that scans the Web addresses and Web pages you visit for characteristics associated with known online Web fraud or phishing scams, and warns you if sites you visit are suspicious.
2.	An online service to help block you from confirmed scams with up-to-the-hour information about reported phishing Web sites. (Phishing sites often appear and disappear in 24–48 hours, so up-to-the-hour information is critical to protection.)
3.	A built-in way for you to report suspicious sites or scams. With Phishing Filter, you can help provide valuable information on any Web sites you believe are potentially fraudulent phishing attacks. You submit the information to Microsoft and Microsoft evaluates it. If the information is confirmed, the online service adds the information to a database to help protect the community of Internet Explorer users.

Phishing Filter is available today in Windows Internet Explorer 7 & above for Windows XP Service Pack 2 (SP2), and in Windows Vista.

You must be running Windows XP SP2 or later to use Phishing Filter.

If your anti-virus software has phishing filter, then you can turn off the browser’s phishing filter.