The Latest On "Phishing" and Other Online Scams

You may have heard about a form of identity theft known as "phishing." In a phishing scam (see examples of past phishing attempts aimed at Hancock Bank customers), identity thieves send cleverly disguised e-mails, supposedly from legitimate and reputable companies, to mass e-mail address lists of potentially millions of people.

The bogus e-mails usually tell recipients that their accounts are in danger of being frozen or suspended.

Recipients are then asked to "confirm" valuable and sensitive personal information - such as Social Security and credit card numbers, passwords, and account user names - by clicking on a link that really takes them to a fake Web site set up by the thieves to capture this information. Once they have the personal information, thieves can use it to set up new accounts and make unauthorized purchases in their victims' names.

Authentic-Looking "Fakes"

Phishing has become such a huge problem because identity thieves have become very skilled at creating authentic-looking fake e-mails, complete with the logos of well-recognized banks, credit card issuers and online retailers.

Phishing scams cost the average victim $395 per incident, according to the 2005 Consumer Reports State of the Net survey, and total losses last year due to phishing reached $929 billion, reports The Gartner Group.

The good news with regard to phishing is that it has gotten a lot of attention and publicity over the past year, so more consumers are aware of it and know how to spot the phony e-mails. Also, companies whose brand names, trademarks and logos are being spoofed are now able to get the bogus Web sites taken down much more quickly.

New Technologies Are Helping

In addition, new technologies are being devised to help protect potential victims from being caught in a phishing scam. Spam filtering devices and e-mail authentication technologies are becoming more sophisticated and effective.

And scientists and researchers recently developed an anti-phishing device - called the Phoolproof Phishing Prevention system - to help prevent potential victims from completing online transactions at fraudulent Web sites. This system uses cell phones as part of the authentication process in establishing a secure connection with a particular Web site.

However, the bad news is that thieves are continuing to devise new ways to steal victims' identities - and their money. Three of the newest scams you should be aware of are "spear" phishing, vishing, and pharming.