If the recipient of a fake e-mail clicks on the cited link in the e-mail, the Web site encountered may have the logo of the impersonated organization along with a format that appears official. Recipients are then enticed to reveal requested financial or personal information, typically in response to promises or threats. This is a method of identity theft used to perpetrate criminal schemes with the information obtained. Because phishers use false and fraudulent statements to deceive Internet users into disclosing valuable personal data, phishing schemes may violate a variety of Federal criminal statutes that pertain to identity theft, wire fraud, credit-card fraud, bank fraud, computer fraud, and newly enacted criminal offenses in the CAN-SPAM Act. Relevant Federal statutes are cited in this report. In order to prevent being victimized by phishers, this report recommends that Internet users resist persuasive e-mail and/or Web site requests for personal information without first using alternative means of contacting the purported e-mail source to determine the legitimacy of the request. Contact points for some legitimate agencies that have been impersonated by phishers are listed. 3 sources for additional information