Phishing attacks – typically involve millions of emails that appear to be from a legitimate company (e.g., online bank or merchant), announcing a problem with the recipient’s account. The emails try to dupe users into clicking on a link that appears to point to a legitimate business website but actually takes the user to an imposter site controlled by the attacker and designed to resemble the e-commerce site. The site asks the user for a login name and password or other account information, which the attacker’s software retains for fraud and criminal use. This is one of the most common forms of online scams. [tooltip tip=”In Kramer, Franklin, S.H. Starr, and L.K. Wentz (eds.). (2009). Cyberpower and National Security. Washington, D.C.: National Defense University Press.”]Edward Skoudis, Information Security Issues in Cyberspace (2009).[/tooltip]