A good example of phishing is what happened to Apple recently. Emails were sent out that, according to an Apple employee, looked very similar to a real email that had gone out very recently. The email was regarding a supposed change in account information and linked anyone receiving the email to a site where they could verify their account information by providing their log in information.
While this can very easily be a legitimate email, this one led to an alternate site that sent any information entered to the people who set up the scam. Unfortunately, many people simply accept strange things happening with online accounts when they aren’t particularly technology literate and with a very large population for an easy to understand program such as Itunes, odds are there are going to be many people eager to make sure their account hasn’t been compromised and do the very thing they were trying to avoid.
Since the sites look very legitimate, the only way to tell if the site can be trusted is by actually looking at what site the email forwards people to or, in other cases, the return email itself can be a giveaway. Fortunately, as the article points out, websites are much harder to spoof than an email and with this kind of attack, most people would see quickly that the site they are being directed to wasn’t affiliated with Apple or Itunes and leave.