An e-mail from your bank asks you to call the number on your card to verify a transaction

An e-mail from a merchant asks that you click on a link to reset your password

An e-mail from a utility company asks you to enter your date of birth and social security number for verification purposes

An e-mail indicates that you have won a large sum of money and asks you to enter your bank account number so that the money can be transferred to you

Loading malicious software onto a user’s computer in order to secretly gain access to sensitive information

Flooding a user’s computer with e-mail requests in order to cause the computer to crash

Gaining remote access to a user’s computer in order to steal user IDs and passwords

Using fraudulent e-mails in order to trick a user into voluntarily providing sensitive information

After clicking the link, a browser cookie is downloaded to the recipient’s computer.

After clicking the link, a Web page opens that prompts the recipient for personal information.

After clicking the link, the recipient’s private network becomes publicly visible via a rogue access point.

After clicking the link, software is installed on the recipient’s computer that records every keystroke made on the computer.

Calling the bank at its official phone number to ask whether the request for personal information is legitimate

Calling the phone number given in the e-mail and providing the personal information over the phone

Checking that the domain name of the sender’s e-mail address is associated with the bank

Conducting aWeb search to see if other people have received similar requests for personal information

A user unintentionally installs a program on their computer that records all user input and forwards it to another computer. A few weeks later, someone else is able to access the user’s computer using the recorded data.

A user has a very common password for an online banking account. Someone else guesses the password after a few attempts and gains access to the user’s account.

A user logs into an unsecure Web site. Someone else is able to view unencrypted log-in information as it is transmitted over the Internet. The user has the same username and password for multiple accounts, so the user’s log-in information for multiple systems may be compromised.

A user receives an e-mail that claims to be from the user’s bank. The e-mail instructs the user to click on a link to a Web site and enter a username and password to verify an account. Shortly after following the steps, the user discovers that the Web site is fraudulent and that the user’s username and password were stolen.

The software gives an unauthorized individual remote access to the computer, allowing the individual to search the computer for personal information.

The software installs a virus on the computer and prompts the user to make a payment to the unauthorized individual to remove the virus.

The software prompts the user to enter personal information to verify the user’s identity. This personal information is recorded and transmitted to an unauthorized individual.

The software records all user input on the computer. The recorded information is transmitted to an unauthorized individual, who analyzes it to determine the user’s login passwords.

A vulnerability in the device’s software is exploited to gain unauthorized access to other devices on the user’s home network.

A vulnerability in the device’s software is exploited to install software that reveals the user’s password to an unauthorized individual.

The user is sent an e-mail appearing to be from the manufacturer, asking the user to confirm the account password by clicking on a link in the e-mail and entering the password on the resulting page.

The user’s account is sent an overwhelming number of messages in an attempt to disrupt service on the user’s home network.