CAUGHT IN THE NET - Harvesting bank accounts is frighteningly easy. Millions of pounds are stolen each year, and the authorities seem powerless to prevent it

摘要

SENDING AN EMAIL asking for somebody's back account logon details is such a simple idea - no wonder more than 13,000 such message were created in March 2005 alone, with each one sent to thousands if not millions of people. The emails directed the receiver to one of 2870 brand-new websites where bank account and other financial details were collected. The practice is known as phishing, and uses social engineering and technical subterfuge to steal consumers' personal data and bank account details. A good phishing email will appear to be from a genuine commercial organisation, but will lead consumers to counterfeit websites designed to trick recipients into divulging financial data such as credit card numbers, usernames, passwords and social security numbers. Stamping out the phenomenon is proving infuriatingly difficult, despite vast sums invested by businesses worldwide. The total market for anti-phishing and anti-fraud solutions is expected to grow from USD202m in 2004 to over USD880m by 2008. If there is profit in setting up phishing scams, there is also profit in preventing them.