A way of attempting to acquire sensitive information, such as user names, passwords, and credit card details, by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social websites, auction sites, online payment processors, or information technology administrators are commonly used to lure the unsuspecting public. Phishing typically is carried out by e-mail or instant messaging, and it often directs users to enter details at a fake website that looks and feels almost identical to the legitimate one. Phishing is an example of social engineering techniques used to fool users, and it exploits the poor usability of current Web security technologies.
