Phishing scams offer fresh bait

WASHINGTON POST
WASHINGTON -- If you see an e-mail asking you to donate to the victims of Hurricane Wilma, be careful. A scammer may be "phishing" in your e-mail inbox.
"Phishing" scams, in which e-mails and Web sites made to look official are used to trick people out of their credit card numbers or other personal information, are on the rise.
And with people continuing to fall victim and new opportunities to put a different face on the same scam -- the hurricane relief efforts among the latest -- it appears that phishing attacks are here to stay.
On the rise
The number of attacks was up 28 percent between May 2004 and May 2005, according to a study by research firm Gartner Inc. An estimated 2.4 million Americans were victims during the 12-month period, resulting in financial losses of about $929 million.
The classic phishing scams seem to come around again and again, with little variation: Your eBay account is about to expire, the sender of the e-mail warns you. Click on the link and resubmit your credit card information to avoid any loss of service.
Of course, when you click, it's not an eBay site that you'll be visiting -- though it probably looks very much like one. And it won't be eBay's billing department that will have your credit card information, either.
It's not always personal information that they're asking for. A new form of phishing, called "spear phishing," targets members of a particular organization and claims to be its e-mail provider. The link will prompt you to download special software, which could install spyware or adware that records personal information later.