The Stream
Beware the Phisherman

We are all accustomed to the infinite supply of spam greeting us from our inbox each morning. But among the normal spam and important communication, another danger awaits, luring us with calls for our immediate attention. Click on the bait, and you'll likely be on the hook for more than you expected.  According to Google Search, phishing is:

the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers.

It involves the sending of a quasi-legitimate electronic communication to a mark by email.  Unlike a regular spam message, at first glance, a phishing message looks authentic.  The sender is disguised to look like someone you know, do business with, or might expect to see an email from. The message content looks professional and reputable too, often making requests to confirm some kind of activity by embedding links that lead to a cloned web site. Finally, the cloned web site will ask you to input a username, password, or other personal information. If you input that information, it will be stolen and used for some nefarious purpose.

CloudM has an excellent guid to recognizing various Phishing attacks and how to avoid them.

Here are some basic things to look for in a Phishing Message:

1. Verify the sender is coming from a legitimate source by checking the full sender address (not the display name)
2. Watch for ultimatums, threatening language, or requests for payment.
3. Beware of requests to verify credentials and personal information.
4. When clicking a link within an email, always verify the domain name of where you end up is where to intended to go.

Some Additional examples can be found here: http://www.phishing.org/phishing-examples