Phishing is the fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details by disguising as a trustworthy entity in an electronic communication.Typically carried out by email spoofing or instant messaging,it often directs users to enter personal information at a fake website, the look and feel of which are identical to the legitimate site.
Phishing is an example of social engineering techniques being used to deceive users. Users are often lured by communications purporting to be from trusted parties such as social web sites, auction sites, banks, online payment processors or IT administrators.
Attempts to deal with phishing incidents include legislation, user training, public awareness, and technical security measures — because phishing attacks also often exploit weaknesses in current web security.
The word itself is a neologism created as a homophone of fishing, due to the similarity of using a bait in an attempt to catch a victim.