Gone Phishing Lately?
Phishing is an identity theft tactic that uses email as its hook. The attacker's intent is to lure the victim to click a deceptive link in an email message, which takes the victim to a website that looks and feels like a "trusted" website, such as www.chase.com or www.usbank.com. There, the user is tricked into entering one's personally identifiable information, such as credit card verification number, mother's maiden name, bank account number, account passwords, place of birth, or even one's social security number. Such information can be combined with readily obtainable information such as your address & telephone number to fully steal your financial and legal identity.
Most of the time, the website can even trick the web browser into displaying the name of the target "trusted" site in the address bar of the web browser, even though nothing on the page is from that website. The threat is large as it is usually impossible to tell unless your web browser has an anti-phishing mechanism, such as Mozilla's (Netscape's) SpoofStick.
Preventative Steps
Make sure that your email filtering provider detects and filters out phishing attacks in addition to unsolicited commercial and bulk email. Next, use a web browser that has an anti-phishing mechanism. Mozilla has one available as a plug-in. Plug-ins for IE and Opera are expected soon. Also, never click on links in emails. Even though a link can appear to be taking to you the website of your online bank account, it is straightforward to fool anyone who uses HTML email (most people). Instead of clicking a link, go to the destination site directly in your web browser by navigating to the main page of your financial institution or by using Google or another indexing search engine to find the actual website.