"They use the information to create new credit sources for themselves.” Computer threats, like identity theft, viruses, spam and spyware, come at us in three distinct waves.

The first wave of any attack on computers seems to the be the most blatant and widespread. As subsequent waves roll in, the attackers get more sophisticated, honing their weapons. They have to because our defenses get stronger. We’ve been through the first wave of identity theft attacks. These came in the form of “phishing,” an Internet-based method of identity thieves. While these attacks may be waning, there are undoubtedly more attacks in the offing. Now’s the time to prepare yourself.

In the first wave of computer wars, a large number of users call victim to massive surprise attacks. They’re caught unaware and unprepared. The campaigns are big and sloppy. The bait is unsophisticated. Remember the Anna Kournikova messages that spread that nasty virus? Remember all the early spam that you opened before knowing what it was?

The Stages of Phishing

Phishing has just come through this initial phase. Reports of people giving away information because of fake e-mails from financial institutions covered the pages of newspapers and magazines. These fake messages pleaded for recipients to update important account information, leading them to fake Web sites where their information was harvested.

After these initial attacks, users start to wisen up, as to the perpetrators. A full frontal attack is less effective, so they start targeted campaigns. Users change their habits to help prevent future attacks. Some crude tools are available to help, but the best method is avoidance. “Don’t open e-mail attachments from people you don’t know” was drilled into users’ heads as virus attacks changed.

This is the stage where we find phishing. It’s time to again change how we use the Internet. According to Kerr, five percent of phishing recipients still respond to these scams. The scammers will likely get more sophisticated in the near future, but prevention is relatively simple. Kerr warns, “Don’t use the links in an e-mail to get to any Web pages. Either call the company or log onto the Web site by typing in the address yourself.” Using the address printed on a statement or invoice.

When you get to a Web page that requests personal information, check to see that it is a secure page. Look in the address bar for an address that starts with “https://”, or along the bottom of your browser for either a closed padlock or key. Secure pages encrypt or make secret the info you send when you click the “Submit” button.

Waiting for the Tools

The third phase of computer security is marked by the wide availability and use of tools to prevent attacks. A variety of tools are available these days to thwart virus, spam and spyware. At this time, however, anti-theft tools haven’t started showing up on the market to any great degree. It could take quite some time before any effective tools are truly available.

Until tools are polished and prolific, follow the advice of Sgt. Esterhaus of the TV show Hill Street Blues , “Let’s be careful out there.”