In phishing scam, communications disguised as official e- mails from legitimate sources like banks, credit card companies and e retailers direct the consumers to fraudulent websites designed to hoodwink them into divulging private financial information such as passwords, usernames, credit card numbers or social security numbers that will be later on used for their identity theft. On the technology side anti phishing measures include the installation of phishing filter devices for phishing protection.
Such e-mails direct the recipient to visit a website where they are asked to confirm or update such personal information that the concerned bank, credit card company or e retailer already has, under captions like ‘verify your account’ or ‘confirm billing information’. It is further indicated that in default his account will be suspended or there may be some other form of sanction.
The fake website where the unsuspecting consumer is led looks like the genuine one launched by the legitimate service provider or vendor of which the recipient of the e mail is a customer.
In the United States in March 2005 Senator Patrick Leahy introduced the Anti-Phishing Act of 2005 . The federal anti-phishing bill proposes that criminals who create fake web sites and send bogus e-mails in order to defraud consumers could be fined up to $250,000 and be jailed up to five years. However, that bill has not been passed into Act.
There have been some convictions of imprisonment under the CAN-SPAM Act of 2003 for sending e-mail to customers posing as their service provider, prompting them to part with personal and credit card information.
