In this report
The recession connection
Social networks
Phishing costs millions
Online shopping dangers
Corporate culpability
Federal and state action
State of the Net 2009
Just in the past year...
5 ways to stay safer online
Also in This Issue
This article was featured in the June 2009 issue of Consumer Reports magazine.

Phishing costs millions

Last reviewed: June 2009

This article is the archived version of a report that appeared in June 2009 Consumer Reports magazine.

Last year, members of the American Airlines AAdvantage Program received e-mail purportedly from American Airlines promising $50 for participating in an online survey. But those who took the bait ended up on a fake site that asked for their personal information.

We estimate consumer losses to phishing scams at almost a half-billion dollars during the past two years. Last fall, more than 250 brand names were used each month in e-mail scams and other cybercrime, according to the Anti-Phishing Working Group. The most targeted industry was financial services.

One reason there are many successful phishing attacks is that users of social-network sites are often caught off guard and might be less alert to the presence of malicious Web sites, dangerous e-mail, and harmful software. "Phishing e-mails are much better now," says Rob Douglas, editor of, a Web site that provides news about identity theft. While earlier phishing scams were characterized by poor grammar, misspellings, and cheesy graphics, most are now so well done that experts can't easily tell real ones from fake.

Protect yourself

Never provide personal information via an e-mail link. Enable the antiphishing feature in your browser or download a free antiphishing toolbar such as McAfee Site Advisor (at, which warns you when you're visiting a dangerous site. Only 27 percent of respondents to our survey used such tools.