Many people communicate with one another and access computer-provided content or resources through computers interconnected by networks. To access the computers, the networks, or the content, services or other resources available through the networks, users typically must authenticate themselves by presenting security credentials (e.g., a password, a personal identification number (PIN), or a secret question/answer). For instance, most Internet service providers (ISPs) (e.g., America Online® (AOL®)) typically require a user to provide a user identifier (also known as a “screenname” or “username”) and password before the user's computer is authorized to access content or services on the ISP's network and/or the Internet.
“Identity thieves” or “scammers” often attempt to illicitly obtain a computer user's security credentials. An identity thief typically seeks a user's security credentials to gain access to the computer, network or resources in a manner that is difficult to trace back to the identity thief. For example, an identity thief may want to access a user's electronic mail (e-mail) so as to send out spam e-mail (i.e., bulk, unsolicited e-mails).
To obtain a user's security credentials, an identity thief engages in a process referred to as scamming. Scamming normally entails an identity thief sending a user an e-mail, instant message (IM), or other communication in which the thief impersonates a trusted party, such as an administrator of the network or resource or a website. The communication contains some ruse (such as needing to reset the user's account after a problem has occurred) to trick the user into giving his or her security credentials to the thief. The user typically is tricked into divulging his or her security credentials to the thief through a communication such as an e-mail, an IM, or an authentic-looking website with a login form that submits to the thief instead of to the owner of the network or resource.
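The last sentence above describes the tell-tale structure of a credential-harvesting page: a login form whose action submits somewhere other than the site the page claims to be. The following Python is an added defensive illustration (not code from the patent or its assignee) of how a filter or browser extension could flag that pattern. It parses the page's forms with the standard-library `HTMLParser`, resolves each form action against the page URL, and reports password forms whose action resolves to a different site. The page URL, the hostnames and the HTML are constructed sample input; the "last two labels" site heuristic is an assumption of this example, not a rule stated on the page.

```python
"""Flag login forms that submit credentials to a site other than the page's own.

Added illustration only; the URLs and HTML below are constructed samples.
"""
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit


class _FormCollector(HTMLParser):
    """Collect every <form> with its action and whether it contains a password field."""

    def __init__(self):
        super().__init__()
        self.forms = []          # each entry: {"action": str, "has_password": bool}
        self._current = None     # form currently being parsed, if any

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "form":
            self._current = {"action": attrs.get("action") or "", "has_password": False}
            self.forms.append(self._current)
        elif tag == "input" and self._current is not None:
            if (attrs.get("type") or "").lower() == "password":
                self._current["has_password"] = True

    def handle_endtag(self, tag):
        if tag == "form":
            self._current = None


def _site_key(url):
    """Crude site identity: the last two hostname labels (e.g. 'example.com').

    Assumption of this example; a production check would use the public
    suffix list so that 'co.uk'-style suffixes are handled correctly.
    """
    host = (urlsplit(url).hostname or "").lower()
    parts = host.split(".")
    return ".".join(parts[-2:]) if len(parts) >= 2 else host


def find_offsite_credential_forms(page_url, html):
    """Return absolute action URLs of password forms posting to a different site.

    An empty or relative action resolves against page_url, so a form that
    posts back to its own site is never reported.
    """
    parser = _FormCollector()
    parser.feed(html)
    page_site = _site_key(page_url)
    suspicious = []
    for form in parser.forms:
        if not form["has_password"]:
            continue                      # search boxes etc. are not credential forms
        action = urljoin(page_url, form["action"])
        if _site_key(action) != page_site:
            suspicious.append(action)
    return suspicious


# Constructed sample: a look-alike login page with one form that submits off-site.
SAMPLE_PAGE_URL = "https://login.example.com/account"    # hypothetical page URL
SAMPLE_HTML = """
<html><body>
<form action="/search"><input name="q" type="text"></form>
<form action="https://collector.example.net/grab" method="post">
  <input name="user" type="text">
  <input name="pass" type="password">
</form>
<form action="/login" method="post">
  <input name="user" type="text">
  <input name="pass" type="password">
</form>
</body></html>
"""

if __name__ == "__main__":
    for url in find_offsite_credential_forms(SAMPLE_PAGE_URL, SAMPLE_HTML):
        print("credential form submits off-site:", url)
```

Running the block on the sample reports only the form posting to `collector.example.net`; the search form has no password field and the `/login` form resolves to the page's own site. The check covers exactly the case the text names (a form on one site submitting to another); a fake site hosted entirely on the scammer's own domain posts to itself and passes this test, so in practice this heuristic is paired with domain-reputation or look-alike-domain checks on the page URL itself.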
Scamming not only inconveniences and harms the direct victims, but also may cause an owner of a network or resource to incur significant costs. The owner may need to spend time and money restoring scammed user accounts (e.g., reset the password and delete thief-created subaccounts). The owner also may incur operational costs resulting from the fraudulent usage of accounts, such as to send spam. Some owners, such as, for example, ISPs, also may incur higher user retention/acquisition costs due to user dissatisfaction with spam and with being scammed.
Scamming is not confined to obtaining security credentials. Scammers may also try to get other sensitive data, such as bank account numbers, credit card numbers, or personal data. For instance, a scammer may send a communication, such as an e-mail, to a user of an online auction site. In the communication, the scammer pretends to be the auction site and indicates to the user that the auction site needs the user to verify his or her billing information. The communication may contain a link to a fake website that is designed to look like the website of the online auction site. The fake website requests the user to submit his or her billing information, including credit card number. When the user submits the information, it is sent to the scammer rather than to the online auction site.