Definitions

Phishing is a method of fraudulently obtaining personal information, such as passwords, social security numbers, and credit card details, by sending e-mails that look like they come from well-known trusted sources such as banks or financial services companies.

Phishing attacks use social engineering techniques and human psychology to manipulate individuals into divulging sensitive personal information. This human vulnerability allows scammers to trick victims into acting against their own interests.

Statistics

• Approximately 109 million U.S. adults received phishing e-mails in 2006. (Gartner, 2006)
• Financial losses from phishing attacks exceeded $2.8 billion in 2006. (Gartner, 2006)

Additional Resources

Anti-Phishing Working Group

FDIC Consumers Alerts — Phishing Scam

FTC Consumer Alert: How Not to Get Hooked by a 'Phishing Scam'

McAfee Threat Center: Top Phish Scams

McAfee's Phishing Video

US DOJ Report on Phishing (PDF)