"CAPTCHA is a type of challenge-response test used in computing to determine that the user is not run by a computer." Many services on the web use a CAPTCHA test to determine if the a user is legitimate. A common test is to show a distorted image and then the user will respond by typing the text of the distorted letters.

The security labs at websense.com did some interesting work how the CAPTCHA test for Live Mail (a Microsoft e-mail service) is being subverted (link: http://securitylabs.websense.com/content/Blogs/3063.aspx). The article shows how a "victim" computer is used to create the accounts. This is all the more reason that users should be wary and take security of their own computer seriously.

Lately, there has been an abundance of phishing scams aimed at taxpayers. Jose Nazario documents one of these phishing scams at arbornetworks.com. If you ever get a message that appears to originate from the IRS regarding a tax matter, then it is false. The IRS has just released a press report regarding this matter (link). The report says, "The IRS does not send unsolicited e-mail about tax account matters to individual, business, tax-exempt or other taxpayers."

Almost all organizations as a practice do not ask for personal information such as your credit card, social security number and such through e-mail or instant messaging. Any organization that gathers this information this way, does not have high regard for the sanctity of your personal information.

I've added some additional news sources to my news/rss page on the subject.