What is Phishing and Pharming?
Phishing attacks use both social engineering and technical subterfuge to steal your consumers' personal identity data and financial account credentials. Social-engineering schemes use 'spoofed' e-mails to lead consumers to counterfeit websites designed to trick recipients into divulging financial data such as credit card numbers, account usernames, passwords and social security numbers.

There appear to be three possible goals of this type of subterfuge:

1. By hijacking the brand names and logos of banks, e-retailers and credit card companies, phishers often convince recipients to respond.
2. Technical subterfuge schemes plant crimeware onto PCs to steal credentials directly, often using Trojan keylogger spyware.
3. Pharming crimeware misdirects users to fraudulent sites or proxy servers, typically through DNS hijacking or poisoning.

Source: Anti-Phishing Working Group - http://www.antiphishing.org/Phishing-dhs-report.pdf

Is your company at risk?
Your company may be Phished or Pharmed if you have a website (e-commerce or strictly informational) or if you contact your customers through e-mail, or phone.  Any of these communication methods can be faked and used to solicit sensitive information. 

Check Phishing Prevention to see ways that you can lower the risk for your company and your customers.