ArtsAutosBooksBusinessEducationEntertainmentFamilyFashionFoodGamesGenderHealthHolidaysHomeHubPagesPersonal FinancePetsPoliticsReligionSportsTechnologyTravel
  • »
  • Technology»
  • Internet & the Web

What is a Phishing Attack?

Updated on April 5, 2010

Identity theft has become the new white collar crime and it has grown tremendously. Criminals that steal identities use them in a number of ways. One of the most common tricks is to use a stolen identity to open a line of credit. The line of credit is then depleted by the thief and the actual person receives the bill. Identities are also stolen for malicious intent, such as stealing a military officer’s email credentials in hopes of carrying out fictitious orders to troops.

Phishing is a relatively new term to describe ploys used by criminals trying to steal identities. Phishing scams are on the rise:

"During 2004, close to 2 million U. S. citizens had their checking accounts raided by cyber-criminals. With the average reported loss per incident estimated at $1200, total losses were close to $2 billion. The incidence of phishing e-mails – e-mails that attempt to steal a consumer’s user name and password by imitating e-mail from a legitimate financial institution –has risen 4,000 percent over the past six months." (James, 2005, pg. 2)


What is Phishing Video

Phishing - Don't Get Hooked!
Phishing - Don't Get Hooked!
Identity Theft
Identity Theft

The term “phishing” is based on the term “fishing”. With fishing you bait a hook and try to catch fish. If you do not receive a bite, you often change the type of bait until you start catching fish. With phishing, the bait is typically an email that appears legitimate. The email typically asks for a bank customer to validate their information, however, the email redirects the customer to a fictitious bank site made to look like the legitimate bank site (James, 2005). The criminals hope the customer will not notice the redirected bank site is fictitious and that they will validate their account information. There are numerous phishing emails used as bait and criminals hope the more bait they use, the greater chances someone will fall for the scam.

The key to preventing identity theft is awareness. Financial institutions typically do not ask for account information validation. Any emails that ask for account validation or social security numbers, should be validated. The link contained within the email can be checked for legitimacy. These links often go to bogus sites that can easily be determined by the website link. For example, if you bank at and you receive an email that has a link and takes you to, this should raise suspicion. Phishing scams not only use email, but the telephone is also used. A typical scam involves a telephone call with someone impersonating your credit card company and asking you to validate your social security number, date of birth, etc. Credit card companies already have this information and do not need you to validate it. A simple line of defense is to ask the caller for the credit card company’s number and call them back.

Please check out one of my other articles on information security:

Reference:  James, L. (2005). Phishing exposed. Rockland, MA: Syngress Publishing.


    0 of 8192 characters used
    Post Comment

    • authentication profile image

      authentication 6 years ago from Orange County, CA

      I believe two factor authentication combats phishing very effectively as well. Financial institutions use it as well due to regulatory compliance.

    • profile image

      Rana 6 years ago

      thanks but also give the method for phishing attack to get more papularity like

      thanks again

    • profile image

      Rana 6 years ago

      thanks but also give the method for phishin attack to get more papularity like

      thanks again

    • kea profile image

      kea 8 years ago

      Thanks for the comment, hello, hello!

    • Hello, hello, profile image

      Hello, hello, 8 years ago from London, UK

      Thank you for your information and eye openeer.