Phishing is the act of fooling a computer user into submitting personal information by creating a counterfeit website that looks like a real (and trusted) site. It is a hacker technique of "fishing" for passwords and other secret financial info. According to WordSpy.com, the word was invented by computer hackers in the late 1990's, and it plays off a common hacker word play of changing the letter "f" to "ph", which was seen as early as the seventies with "phone phreaks."
This educational anti-phishing Flash game, created by the Federal Trade Commission, is also an ecard you can send to friends. Clicking on Printable Tips, will take you to a rather dry looking (but well-written) FTC page titled How Not to Get Hooked by a Phishing Scam. This set of tips is also available as a PDF download, to make printing and sharing as easy as point and click. "If you get an email or pop-up message that asks for personal or financial information, do not reply. And don't click on the link in the message, either. Legitimate companies don't ask for this information via email."
Published by the Federal Trade Commission, "OnGuardOnline.gov provides practical tips from the federal government and the technology industry to help you be on guard against internet fraud, secure your computer, and protect your personal information." The phishing section starts out with helpful tips, but the best clicks are the anti-phishing games and videos listed in the right-hand column.
Developed in 2006 by security consultants Drs. Sukamol Srikwan and Markus Jakobsson, the Security Cartoon strip covers lots of cybersafety topics, but mostly focuses on anti-phishing education, or, as they put it: "Oops.. I clicked!" You'll find the various keyword tags (spoofing, malware, pharming, phishing) listed at the bottom of the page, but since they are all related to today's topic, I have sent you to the front page of the site. The cartoons are licensed under Creative Commons Attribution-Noncommercial-No Derivative Works, which means students and teachers can use the cartoons in homework (or on non-commercial websites) along with attribution and a link back to this site.
Snopes is my go-to site for checking out those annoying forwarded emails that get passed from one naive Internet newbie to the next. 99% of the time, Snopes tells me the emailed story is simply not true. But Snopes.com also has a phishing section, which lists many common phishing attempts, sorted by spoofed institution, such as eBay, Facebook and iTunes. But remember, just because your particular suspicious email is not listed here, does not mean that it is an authentic message from a trusted organization.
Developed by Carnegie Mellon, Anti-Phishing Phil is now a commercial product available for corporate licensing from Wombat Security. Lucky for us, however, a free, demo game is available. You are playing as Phil, a young fish learning how to find worms to eat and avoid danger. You are being taught by Phish Guru. As you approach a worm, hover over it to reveal its attached URL. Eat the worm, or discard it, depending on whether the URL is legitimate or not. At any time, Phish Guru is available to show you how to discern the difference between bonafide URLs and spoofed sites.