From Simple English Wikipedia, the free encyclopedia
An example of a phishing email, disguised as an official email from a (fictional) bank. The sender is attempting to trick the recipient into revealing secure information by "confirming" it at the phisher's website.
Phishing is a way that people get sensitive information such as usernames or passwords. It is a method of social engineering. Very often, phishing is done by electronic mail. This mail looks as if it comes from a bank or other trusted company. It usually says that because of some change in the system, the users need to re-enter their usernames/passwords to confirm their identity. The emails usually have a link to a page that looks like that of the real bank.
Phishing allows criminals to get access to bank accounts or other accounts. Types of accounts that are often accessed include shopping, auction or gaming accounts. It can also be used for identity theft.
Most forms of phishing have not changed much over the lifetime of the Internet. During this time, some phishing tactics have become much more sophisticated. For example, many phishing techniques via e-mail involve spoofing the email address and creating emails that look just like emails sent from the real company. Not all phishing attempts do this, however.
Some phishers started using images of text to make it harder for anti-phishing filters to see it. This can work because the filters look for words often used in phishing emails/messages. However, better filters have been invented that can still read the text using OCR (optical character recognition).
Some anti-phishing filters can even read cursive, hand-written, upside-down, distorted (for example, wavy or stretched) text, as well as writing on colored backgrounds.
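The word-based filtering described above can be shown with a small added example (it is not part of the original article). It shows why a filter that only reads text finds nothing in an image, and how a filter can send such a message on for OCR. The word list, the threshold, the labels and the two sample messages are assumptions made up for this example.

```python
from email.message import EmailMessage

# Assumed word list for illustration; real filters use far larger, weighted lists.
PHISHING_WORDS = {"verify", "confirm", "password", "account", "suspended"}


def keyword_hits(msg):
    """Count phishing words found in the text parts of a message."""
    hits = 0
    for part in msg.walk():
        if part.get_content_maintype() == "text":
            words = part.get_content().lower().split()
            hits += sum(1 for w in words if w.strip(".,!?:;") in PHISHING_WORDS)
    return hits


def has_image(msg):
    """True if any part of the message is an image."""
    return any(p.get_content_maintype() == "image" for p in msg.walk())


def classify(msg, threshold=2):
    """Label a message: enough phishing words, image that needs OCR, or clean."""
    if keyword_hits(msg) >= threshold:
        return "phishing-words"
    if has_image(msg):
        # A text-only filter cannot read this; pass the image to an OCR step.
        return "needs-ocr"
    return "clean"


def text_mail():
    """Constructed sample: the request is written as normal text."""
    m = EmailMessage()
    m["Subject"] = "Notice"
    m.set_content("Please confirm your password to keep your account.")
    return m


def image_mail():
    """Constructed sample: the request is hidden inside an attached picture."""
    m = EmailMessage()
    m["Subject"] = "Notice"
    m.set_content("See the picture.")
    m.add_attachment(b"\x89PNG constructed bytes", maintype="image",
                     subtype="png", filename="notice.png")
    return m


if __name__ == "__main__":
    for make in (text_mail, image_mail):
        print(make.__name__, keyword_hits(make()), classify(make()))
```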