An attempt to illegally gather personal and financial information by sending a message that appears to be from a well known and trusted company. A phishing message typically includes at least one link to a fake Web site, designed to mimic the site of a legitimate business and entice the recipient to provide information that can be used for identity theft or online financial theft.
The practice of luring unsuspecting Internet users to a fake Web site by using authentic-looking email with the real organization's logo, in an attempt to steal passwords, financial or personal information, or introduce a virus attack; the creation of a Web site replica for fooling unsuspecting Internet users into submitting personal or financial information or passwords.
Phishers send the email messages that falsely claim to be of an established or already existing legitimate organization. Phishing is done to scam the user to submit private information (which is used for identity theft). The email message directs the user to visit a Web site where the user is asked to update personal information, such as passwords. The Web site, however, is bogus and is set up only to steal the user’s information.