Forget the Nigerian prince. Phishing scams are moving beyond the misspelled, far-fetched ruses that clog your in-box and beg for your bank codes. In the year to come, security professionals are warning of bank code-stealing exploits that are much slicker and more convincing–hidden in guises as harmless as a banner ad on a reputable Web site or a message from a friend on a social network.In November, security firm Sunbelt Software found that hundreds of ads placed on Web sites by DoubleClick, the largest ad-serving platform on the Web, linked to pages designed to install malware on users’ desktops. And in late December, a worm spread through Google’s (nasdaq: GOOG – news – people ) social networking site, Orkut, infecting hundreds of thousands of accounts and sending messages from friend to friend.
http://www.forbes.com/2007/12/27/phishing-hacking-virus-tech-security-cx_ag_1228phish.html