Are you familiar with phishing?

Phishing is one of the new frontier of malicious activity over the Internet. While malware do damage to computers and networks, phishing is more insidious and more malicious. The goal of phishing is to gain money. Its objective is to gain a person’s logon credentials for known business, e-commerce, and online bank sites. Phishing takes several forms and combinations of these forms, but the most common is by spoofing a Web site login page. There’s also HTML email phishing; I am sure you have encountered spam emails purporting to have come from eBay or PayPal. I receive several of those every day.

Now, how well can you spot a phishing attempt? Take this quiz from McAfee SiteAdvisor. I got seven out of ten, so that means I have to be careful a wee bit. You will be surprised on the methods in determining whether a site is a spoof or not.

Why should you take phishing seriously? Quoting from CSO:

According to Gartner, between May 2004 and May 2005, roughly 1.2 million U.S. computer users suffered phishing losses valued at $929 million.

By this time, the amount should be more than a billion US dollars. That’s serious money, and some people realized that there is a market for phishing. Hence, phishing kits are now available, allowing you to set up a phishing site/spoof Web site within second.

Be careful if you do online transactions, specially if they involve money.

PS: Post your score at the comments.