Another phishing scam has recently rocked the financial world. Thousands of people were bilked out of millions of dollars while pundits continue to put the blame on "compromised personal computers".

Indeed spyware accounts for some identity theft - particularly keyloggers (which represent the very worst kind of spyware). Keyloggers may be bundled with other applications, but are most likely to be bundled with multi-media files, games, and other "free" "fun" software. Or keyloggers may be injected onto the target computer from malicious web sites using sophisticated scripts that take advantage of unpatched browser or operating system security flaws. This is one reason we keep reminding you over and over to keep your Windows system updated, to use a good anti-virus program (like AVAST) , to use a good anti-spyware program (like Spyware Doctor), and to double check your computer weekly by using an online virus/security scanner like Housecall. If you're using Windows 98/ME or Windows 2000, you're at greater risk because Microsoft is no longer issuing any updates for your computer and you will not able to install the latest Internet Explorer browsers.

The vast majority of successful phishing attempts, stem not from compromised computers, though that's the general consensus of so-called "experts" - the vast majority of identity theft occurs because users click links in forged emails. These links lead to very convincing counterfeit sites which in every detail look exactly like the real site. People recognize it, enter their social security numbers, passwords and user names and just like that, their identity is stolen. The crooks extract the information you submitted and store it in a database and either use it themselves or sell it to others who will use it.

Either way, you're in for a long, difficult fight to get your credit rating back. Even then your bank account or stock brokerage trade account may be wiped out before you realize what has happened - and there's little chance once your money's gone, you'll ever get it.

IMPORTANT! We cannot stress this enough: If you receive any email from any financially related site (bank, auction site, online payment site, online stock brokerage, credit card) DO NOT CLICK ANY LINKS IN THE EMAIL. It's such a simple precaution, but few take it.

And another thing: If the email is genuine it will be addressed to you - "Dear Jennifer Jones" - it will not be address to "Dear "Whatever The Company Name" Customer". In other words, if you see an email come to you and the greeting says "Dear valued Key Bank Customer" (for example) DELETE IT - it is a phish attempt. Key Bank would not send an email to you addressed to "Dear Valued Customer". If you see one of these emails - don't even read any further, as soon as you see "Dear customer", "Dear Valued Customer" "Dear ______ Bank Customer". delete it immediately.

Phishing is a billion dollar business. There are some very sophisticated phishermen/women out there - and they're making millions. They have excellent web designers and programmers who can make very authentic looking Web sites and create genuine-looking emails. But they never know your name. The buy millions of email addresses from spa*mmers or scrape or "harvest" millions email addresses from the web using "bots" and then send out tens of millions of emails. They know if they send out enough emails to enough people they're bound to connect with a few thousand "Key Bank" customers (or whatever financial institution they're pretending to be on any particular phishing expedition). So don't be surprised if you have an account at lets say "First Third Bank" or "Ameritrade" and you get a phishing email that appears to be from one of these institutions. The phishermen/women know that sending out hundreds of millions of emails will eventually end up on the "right" computers.

Once again, we remind you NOT to depend on a firewall, an anti-spyware program or anti-virus, to protect you from identity theft. That space between your ears contains all you need to prevent you from ending up flopping around in a phisherman's net and being hauled in as a catch. If this ever happens to you -it may take you years and hundreds of hours of your time to fix your credit - and you may never recover the money that was stolen from you.

The best way to deal with phishing attempts is to use common sense and DO NOT CLICK LINKS IN EMAIL FROM FINANCIALLY RELATED COMPANIES. If "Chase Bank" sends you an email and it's addressed to you - like "Dear James Smith" - it probably is genuine - but the wise among you will take the extra precaution of not clicking any links in that email. If there is something about your account that needs your attention simply open up your browser, type in the address of "Chase" (www.chase.com) and access your account from there.

So much depends on using common sense when we're browsing the Web. When we cross a busy street in the "real world" we look both ways - we don't depend on a radar attached to the top of our heads to tell us if there's a car coming. When we buy things in a "real store" we don't lay our credit card on the counter and walk away and leave it laying there while we shop. We lock our homes when we leave for the day;  we lock our cars when we park them; we don't walk down dark alleys in the worst section of town at 3:00AM - indeed, we use common sense everyday in the "real world" - and without even giving it a second thought.

But somehow when we get on the Web we leave our common sense behind, throw caution to the wind and instead rely on this program or that program to protect us. If you're relying on a program or programs to protect you, and you're not using common sense, you're going to get burned sooner or later. You've lived a few years in the real world and you use common sense every day of your life. If you didn't, it's not likely you'd reading this.

And, yes, I'm aware that the new Internet Explorer and Mozilla Firefox both have phishing filters. You think they're going to keep you safe? Really? If some protection scheme exists, like these new filters, you can be sure some crook is going to find a way to get around them. Without you using common sense, no "phishing filter" or spyware program or anti-virus program or "security" program is going to keep you safe. Nothing can protect you from yourself but you.

Face it: Most spyware gets installed on personal computers because people get tricked into installing it. Most people have their identities stolen because they get tricked into clicking links in phishing emails. Maybe the phishing filters in Internet Explorer and Firefox give people a false sense of security - and if they do then they're not such a good idea. These phishing filters should be a second-line of defense, just in case your common sense abandons you. And it will. All of us get tired, frustrated, exhausted - and when we do we tend to make mistakes. In the real world and on the web.

Most of the time, as far as I can see, people seem to leave their brains lying on the computer desk when they take off on a journey into the cyber world. And we're not talking about stupid people. We're talking smart people; people with lots of common sense in the real world; successful people; professional people - all kinds of people.

I think this may be because Web is still so new. The real world is thousands of years old. The web is only about twenty years old.

The Web started off as a Candyland in the sky - giving away free candy to all who came. But, now it's a multi-gazillion dollar conglomerate where more money than we could ever imagine changes hands every minute. In the real world we have come to know that the biggest scams are the ones that are most likely to trick potential victims; that most robberies occur at night in places where money is readily accessible;  and we "know" this - it's ingrained into us - so it become part of our common sense, common knowledge, and it keeps us from becoming a victim  - most of the time.

But anyone can buy a computer, get Internet access and start surfing merrily away without the slightest clue of the dangers that potentially await them. People like you who take the time to read articles like this are the ones who show an eagerness to learn and to keep learning. You're wise. None of us ever know so much we don't need to learn anymore. The more you learn about the Internet and how it works, the safer you will be. And you can pass your knowledge onto others.

Don't allow yourself to be bilked out of your life's savings by some miscreant sitting in some rank, smelly basement in a third-world country. Don't let anyone outsmart you. Don't depend on software to protect you. You protect you. Use software as a second line of defense. A backup. Just in case.

Remember your defense against the worst of the Web is the best part of you: Your brain. Common sense, knowledge, and the right software are your best defenses against becoming a victim of identity theft.  But the greatest of these is your own common sense.

Common sense doesn't cost you a thing but can save everything you own.

Use it or lose it.

We appreciate your comments. Please

(All financial institution logos are registered trademarks of their respective owners. Used without permission - just to make a point!)