It is pure deception: it just makes you think that you're typing your details into a "real" site when, in fact, you are not.

It's no different from the old trick of asking someone for an "autograph" when actually what they're signing is something completely different...


Most unlikely!

Phishing scams are just clever fakes of communications from banks, ISPs, etc, etc, asking you to "confirm" or "update" your security details - if you beleive them, you are actually typing your username and password into a fake site!
Once you've done that, of course, they have your full login details and can go to the real site and log in as you!

Remember: a real service provider will never ask you, unsolicited, for your login details!

Beware of links in emails - it is very easy to have the link "say" one thing, but actually go somewhere completely different; eg, this link will not take you to http://www.keil.com (it actually goes the 8052.com home page)

If in doubt, don't click the link - type the URL into your browser manually instead.

Check the security advice from your bank, etc; eg, here's what some UK banks say:
http://www.firstdirect.com/security/
http://www.halifax.co.uk/Securitya...curity.asp
http://www.lloydstsb.com/security/...urself.asp


A bit like Windows - because it's so widely used, it's a very big and easy target!

Yahoo and the like are also prime sources of spam, as it's so easy to set up an account for free and without any sort of verification (or, at least, it was - things may have changed now?)

For this reason, it is not unknown for spam filters to simply blacklist anything sent from a Yahoo, MSN, or similar domain...