Phishing is the attempt to represent one’s self – typically via email – as someone or some organization that you are not, for the purposes of maliciously acquiring sensitive information.
The most common examples of phishing emails are carefully crafted to appear as if they had come from a banking institution, directing the recipient to a web site which itself looks very much like the bank’s official website. The catch is that the email is not from the actual bank, and the website is a forgery. By fooling the visitor into thinking that the site is legitimate, the phishers can obtain that person’s log-in credentials when they attempt to log in to this fake site.
Some very poor yet surprisingly successful phishing attempts don’t use web sites at all, but simply portray themselves as a major online service in email. The email requests that the recipient reply with account information, often including username and password, for some made-up yet important-sounding reason.