This week in phishing

When a Gmail user opens a suspected phishing message, the software displays a large red dialog box that warns the user the message may not be from whom it claims to be.

Gmail will also remove all live hyperlinks from suspect HTML-based e-mails to protect people's systems from potentially fraudulent Web sites. The addresses of the sites can still be accessed by examining the original code of the e-mail, a feature that Gmail provides.

While the growth of new phishing attacks has slowed, attackers are apparently busy building more sophisticated traps and using advanced technology to perpetrate online fraud. Last week, the Anti-Phishing Working Group, an online fraud watchdog, reported that the number of phishing e-mails it tracked between January and February grew by only 2 percent.

That figure seems to mark a significant shift in the threat, given that the average growth rate has been 26 percent per month since July 2004. But during the January-February period, phishing attacks also became more sophisticated, experts said, with advances in phishing schemes that use e-mail and the creation of fraudulent Web pages that appear almost identical to their legitimate counterparts.

Meanwhile, police in Estonia have arrested a man suspected of stealing millions of euros from bank accounts across Europe, according to a report in the Sydney Morning Herald. The unnamed 24-year-old is believed to have infected hundreds of computers with a Trojan horse program to obtain usernames and passwords from them.