Fraudsters stayed a step ahead of gullible Internet users in 2005 by fine-tuning their tactics and turning to more sophisticated strategies, a U.K.-based Web monitoring firm said Friday.

Open redirects were one of favorite tactics of phishers in 2005, said Web tracking and anti-phishing company Netcraft, and a good example of fraudsters' increasing proficiency.

Redirects, essentially scripts on the Web server, are used by legitimate domains to redirect users to other parts of a large site from, for instance, the home page. Phishers can sometimes exploit these scripts to send users to a fraudulent site when users click on a link in a real site. The user may not even notice that he's been redirected to a phishing site rather than, say, a legitimate log-in page.

Netcraft pointed to several examples of redirection attacks in 2005, including one that used an incorrectly configured government site to fool users into giving up Social Security and credit card numbers. Users were enticed to the real site by e-mail that promised them a tax refund by the IRS.

Other phishing trends Netcraft spotted during 2005 included the appearance of pharming attacks and fraudulent e-mails that included HTML-based forms, a tactic that eliminated the need to craft elaborate Web sites to trick users.

Also in 2005, phishing attacks -- which are spawned by massive amounts of spam -- began using the spammer technique of replacing text with image-based e-mails to avoid detection by keyword-sniffing spam and phishing filters.

"Phishing attacks are continually evolving, as fraudsters develop new strategies and quickly refine them in an effort to stay a step ahead of banking customers and the security community," said a Netcraft spokesman in a statement.