Shadowcrew, contd.

One of the most popular ways to steal credit card numbers and personal information is through "phishing" for it, using scam e-mails that draw unsuspecting recipients to Web sites where they're enticed to divulge personal financial data.

Consumers are becoming reluctant to enter their credit card numbers at retail sites, according to John Pescatore, a vice president at research firm Gartner, and are becoming extremely wary of responding to e-mails. They're resisting not just the requests from music or publishing companies pitching discounts, or travel companies pushing hotel or airline seat promotions, or utilities trying to establish online billing accounts. Pescatore also sees a lack of confidence in talking online with health-care providers and signing up for processes like electronic voting.

"People are beginning to mistrust Internet e-mail" altogether, says Pescatore, who's also a former Secret Service agent.

The Anti-Phishing Working Group, a nonprofit organization of corporations and government agencies trying to find ways to eliminate phishing, estimates some 75 million to 150 million scam-related e-mails are sent every day. Most originate from organized groups of cybercriminals, according to the group's chairman, David Jevans.

And that could decelerate the growth of electronic commerce.

In the past five years, Web commerce has grown 30%, according to International Data Corp., with consumers around the world spending more than $300 billion online last year.

But unless consumers' concerns about the safety of using their credit card numbers and other identification online is addressed, the rate of growth in the online economy could drop into single digits by 2007, Gartner figures.

The concerns are not misplaced. In just one incident last fall, data collector ChoicePoint says organized criminals accessed 144,778 consumer records, including credit reports and Social Security numbers. ChoicePoint says it has notified more than 700 people that identity information was compromised.

The growing threat of credit card and identity theft, says Edward M. Stroz, president of computer security firm Stroz Friedberg and a former agent with the Federal Bureau of Investigation, "is probably the single biggest risk to causing e-commerce to begin to dry up."