One tool phishers use to trick their victims is a spoofed website. These sites appear to be identical to major bank or credit card websites, but are hosted on third-party servers that the criminal controls. After contacting the victim via email, the scammer provides a disguised HTML link. The link appears to bear the address of the actual financial institution, but it instead redirects the victim to the fake site. If the victim does not notice the different address in his browser bar, he may unwittingly provide the criminal vital financial information. These sites may also attempt to install keyloggers, malware programs that record and transmit keystrokes in order to steal more information.