Another interesting phishing article published recently discussed how phishers will not limit themselves to individual identity theft, but are stealing organizational credentials as well.
I have put together a short list of how individuals can protect themselves from phishers.
Prevention Tips:
- Do not respond to unsolicited emails that ask for any personal information, regardless of how urgent the request appears. Legitimate companies do not ask for personal or sensitive information in this format. If you are concerned about your account, contact the company directly using an email address or phone number you know is legitimate.
- Do not email any personal or financial information. If you initiate a purchase online, look for indicators that the site is secure, e.g. a lock icon or a URL that begins with “https:” (the “s” stands for secure).
- Review your credit card and bank statements as you receive them to ensure that everything is correct.
- Get spam and anti-virus protection and keep it up to date. Some email defense services/products on the market can detect phishing emails (through the same methods as detecting spam) and filter them out of inbound email, stopping them from entering your inbox.
- Report anything suspicious. Contact the legitimate company in the suspect email using an email address or phone number that you know is correct.