I don’t think that I’ve ever used the term “phishing” here before. If you’re not familiar with it, it’s a scam technique where a thief sends out email purporting to be from a third party requesting account information. You click on a link in the email that supposedly points to the impersonated party’s site, but really points to the con artist’s Web site, and then you’re asked to enter your Ebay login, or your online banking info, or even the username and password for the account to your favorite MMORPG. The criminal then uses that information to rob you, or steal your in game stuff, or whatever. I get phishing emails from “Ebay” all the time. Anyway, over two million people have had their bank accounts raided in the past year thanks to this kind of fraud. (Via Rebecca Blood.) The bottom line is that you’re never going to get a legitimate email from anybody asking you to go somewhere and enter your private account information.
Interestingly, one of the big contributors to this problem is HTML email. The scam emails I get have a URL in them like
http://www.ebay.com/account, but the link points to something like
http://220.127.116.11/lajkdaja, which is most likely a Linux box in the Ukraine running a CGI script copied out of one of my books. Plain text email requires the scammers to be a bit more creative and obvious, at least.