ABSTRACT

Wikipedia defines phishing as “a criminal activity using social engineering techniques. Phishers attempt to fraudulently acquire sensitive information, such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication.” The Anti-Phishing Working Group (APWG) defines phishing as a form of identity theft that employs both social engineering and technical subterfuge to steal consumer’s personal identity data and financial account credentials. They further define technical subterfuge as “a scheme to plant crimeware onto PCs to steal credentials directly, often using key logging systems to intercept consumers’ online account user names and passwords, and to corrupt local and remote navigational infrastructures to misdirect consumers to counterfeit Web sites and to authentic Web sites through phisher-controlled proxies that can be used to monitor and intercept consumers’ keystrokes.”