Phishing is the act of pretending to be a legitimate organization and sending an e-mail to a user to scam the user into surrendering private information that can then be used for identity theft. The e-mail directs the user to visit a bogus website where they are asked to update personal information, such as account passwords and/or credit card, social security, and bank account numbers, all of which the real organization should already have on file. The term phishing was coined in the mid 1990’s by hackers who would pose as AOL staff members and send instant messages to potential victims asking them to reveal their password, commonly using such phrases as “please verify your account” and “confirm your billing information”. Once the victim gave over the password, the attacker would access the victim’s account and use it for criminal purposes and other nefarious acts such as spamming. (more…)