A recent method of malicious action involving interconnected computing systems (e.g., over the Internet) involves impersonation of legitimate network sites of trusted entities—such as financial institutions or other commercial entities—in order to trick a user into disclosing personal information that can be used to commit identity theft or other forms of fraud. This conduct—commonly referred to as “phishing”—typically involves sending out emails that include a hyperlink to a fake website that appears like a legitimate website of an entity with which the recipient may have a relationship (e.g., a customer of the entity). The fake website can then prompt the user to provide confidential information of the user that can later be used to commit fraud. Phishing schemes have become sophisticated, such that the user is often unable to verify that a source of the email is the actual entity identified by the email, before selecting the hyperlink that directs the user to the fake website.