phishing exercises in which criminals create replicas of commercial Web sites
The second issue I have is that the most common attacks today collect passwords through phishing .
The idea, similar to the way some have tried to stop spam, is that people can easily report a site that is designed for phishing , and it goes into the communal database.
To avoid being a victim of phishing , never respond to e-mail requests for personal information, no matter how official the message looks.
The modern era of phishing is exemplified by emails messages from Nigerians posing as business partners trying to move money out of the African country.
Now I'm seeing a lot more phishing : spam that purports to be from Paypal, Amazon, your bank or, hey, any bank at all.
Since it claims they will block these sites, will a user who gets phished be able to sue it for not living up to their promise to block those sites?
The claim here is that phishing is only illegal after someone is defrauded - and this law will make the actions required to phish (the fake website and fake email) illegal as well.
In February, a Minnesota scammer who phished PayPal members, pleaded guilty to wire fraud in federal court.
Of course, the same people who are clueless enough to respond to spam may also be the ones who get phished and may also not hear about what to do about either.