Welcome to PhishBait - a non-technical guide to protecting your personal information on the web!

Why another site to fight phishing and on-line scams?

As a web programmer, I have friends and family asking me for decent sites and references to help them stay safe. I’ve found a lot of good sites - but I am often asked to “translate them into plain English” for my non-techie friends.

On this site, I will try to keep the subject of phishing straightforward and accurate while making it easy for everyone to understand. You can also subscribe to the blog area and feed either through RSS or plain old email. I update it about once a week.

What is Phishing?

Phishing is, quite simply, online attempts to trick you into giving out personal information - credit card numbers, bank accounts, addresses and social security numbers, and other information. This can be done through bogus web sites, targeted email, software loaded onto your computer without your knowledge and social networks like Facebook.

Phishing Examples

Online forums offer “Phishing Kits” complete with HTML and scripts for sale. Someone with very little technical knowledge can buy one of these kits - complete with installation instructions - and have a phishing site duplicating PayPal or a bank in a matter of hours. The people who create and sell these kits are rarely caught.

A Salesforce.com employee got phished - and the phishers copied aa salesforce.com customer contact list. Information in the contact list included first and last names, company names, email addresses, telephone numbers of salesforce.com customers, and related administrative data belonging to salesforce.com. This list was used to phish Salesforce.com customers - both for username and passwords and attached malware (software that installs viruses and keyloggers).

Teens using instructions on a popular website created fake sites used to bypass parental/school controls - and to capture social networking usernames and passwords.

Phished credit card information is used to purchase large numbers of gift cards - which are then sold online.