The line is cast. Don't get reeled in by the artificial bait on the hook.
Phishing is the name given to the unscrupulous attempts to gain personal account information. This information includes banking account numbers, credit card numbers, usernames and passwords, and social security numbers. According to the Anti-Phishing Working Group, www.antiphising.org, up to 5% of recipients respond to these spoofed emails. Computerworld, www.computerworld.com, estimates the figure is much higher at 20%.
According to Wordspy, www.wordspy.com, the term 'phishing' was coined by hackers and 'dot con artist' who imitate legitimate companies in e-mails to entice people to share passwords or credit-card numbers. Recent victims include Charlotte's Bank of America, Best Buy, Paypal and eBay, where people were directed to Web pages that looked nearly identical to the companies' sites.
It is important, as an Internet and email user, to remember that companies will never request your account information in this manner. Be suspicious of ANY email that requests personal account information. Do not click on any links contained in these emails. Although the link may appear to take you to the web site of the company, there is code hidden in the link that redirects you to a 'look-a-like' site belonging to the scammer. If the e-mail refers you to a Web site, look carefully at the URL. It's easy to disguise a link to a site.
"Beware of the @ symbol in a URL. Most browsers will ignore all characters preceding the @ symbol, so this Web address -- http://email@example.com -- may look to the unsuspecting user like a page of Respected Company's site. But it actually takes visitors to thisisascam.com. The longer the URL, the easier it is to conceal the true destination address. Other ways to disguise URLs include substituting similar-looking characters, so that paypal.com could be (and has been) spoofed as paypaI.com or paypa1.com. Similarly, a zero can be substituted for the letter O within a URL." (Computerworld)
A "rose is not always a rose" no matter what you call it. The hacker could also include hidden code that redirects the user to their site if a link is clicked even though the link appears legitimate.
Federal Trade Commission
United States Computer Emergency Rediness Team
Phishing IQ Test
Page courtesy of City of Wilson IT Dept. http://www.wilsonnc.org