Phishing is type of electronic fraud that uses social engineering. Phishers pretend to be a trustworthy party (such as a bank) in attempt to steal sensitive information (such as passwords, bank account numbers, or credit card details). A Phishing attack is carried out electronically -- commonly through email or instant messaging, but it can also occur through voice phone calls, text messages, or other electronic communication methods. Once a phisher has collected this sensitive information, it can be used to take money from an account or simply shuffle money back and forth to make it harder to audit where money flows.
Phishing and identity theft are problems faced by millions of people every day. Some people have begun to question how they use the Internet: "Is it safe to use my credit card on the Internet?" ... "Does my bank really want me to change my password?" Others fall victim to these scams without realization.
At IU, we are attacking the problem head-on, by studying the problem in depth to figure out exactly what makes phishers tick. Electronic fraud affects nearly everyone: students, researchers, banks, everyday people... the list is endless. Depending on who you are, it may affect you differently. If you work for a bank you probably want to protect your clients from harm. If you use online banking, you are probably interested in protecting your investments and family.