phishing

In computing, phishing is the process of attempting to criminally and fraudulently acquire sensitive information, such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication. PayPal, eBay and online banks are common targets. Phishing is typically carried out by e-mail or instant messaging,[1] and often directs users to enter details at a website, although phone contact has also been used.[2] Phishing is an example of social engineering techniques used to fool users.[3] Attempts to deal with the growing number of reported phishing incidents include legislation, user training, public awareness, and technical security measures.

A phishing technique was described in detail as early as 1987, while the first recorded use of the term "phishing" was made in 1996. The term is a variant of fishing,[4] probably influenced by phreaking,[5][6] and alludes to the use of increasingly sophisticated baits used in the hope of a "catch" of financial information and passwords.