(text emphasis mine)

'Phishing' attempts for personal information on the rise

By Ross Flint | rflint@reportert.com
Sunday October 21, 2007

With an increase in the number of phishing-related Web sites popping up on the Internet, protecting personal and financial information is becoming more of a challenge.

The scam occurs when an e-mail is sent by a hacker pretending to be from a business or bank and instructs the reader to click on a link that leads to a counterfeit Web site of the business. Upon clicking that link, the reader is asked to provide sensitive information, such as account or Social Security numbers.

The scam continues to evolve and improve. One of the more recent developments is the inadvertent downloading of information-stealing "crime-ware" onto your computer once the link in the phishing e-mail has been clicked, according to the Anti-Phishing Working Group, which includes hundreds of banks, online retailers, technology companies and government agencies and works to spread the word against phishing.

Other recent phishing attempts have involved the Internal Revenue Service. In some of those scams, an e-mail was sent during tax season and instructed the reader to click on a link to receive a refund. The link sent readers to a Web site that looked identical to the IRS site, where they were instructed to provide their Social Security number and credit and bank account numbers.

A computer worm in 2006 took over pages on the social networking Web site MySpace. The worm altered links to direct surfers to sites that were designed to steal login information.

According to computer security company McAfee, the top brand that is exploited by phishing scams is PayPal, at 45 percent, followed by eBay at 27 percent. The most common phishing subject line, according to McAfee, is Question from eBay Member regarding Item.

While the number of phishing Web sites has increased, there is a silver lining to this scam: The United States is actually now second in the world in the number of phishing scams reported, slightly behind China by 1 percent. In addition, the number of days phishing Web sites are up and illicitly collecting information has decreased from nearly a week in October 2004 to 3.6 days by July 2007, according to the Anti-Phishing Working Group.