While many experts say phishers will continue to stay one step ahead of even advanced preventive measures, some security companies are developing new ways to keep the public informed about fraudulent Web sites and cut down on scams.

These initiatives are designed to fight phishing by providing helpful data to ISPs, e-mail security firms and antimalware vendors whose products are designed to protect their customers from cybercrime, as well as the financial institutions and online retailers whose Web sites are mimicked by fraudulent ones.

Meanwhile, the fight against phishing also is playing out on the desktop, as tools to keep Web users from visiting fraudulent sites become more prominent. For example, the next version of Internet Explorer will include the Phishing Filter, designed to warn users if they visit a fraudulent Web site, according to Microsoft officials. The next version of the Firefox browser is expected to have a similar feature.

Yet by the time these upgrades are widely adopted, phishers will have found ways around the blocking mechanisms, one analyst says.

"Phishing attacks as we know them will go away, but I'm sure [phishers] will come up with something else," says Avivah Litan, a vice president at Gartner.

"I think it's spy vs. spy," echoes Todd Bransford,vice president of marketing with antiphishing vendor Cyveillance. "We see more variants of phishing as the bad guys get more creative and come up with new ways to circumvent security . . . they're just different enough so that they're not recognized by the security efforts." (See chart, below.)