Phishing is a type of attack usually used by cyber-criminals to discover account access details of potential victims. Phishing relies on getting people to enter their login details for a particular website (usually one offering financial services, such as banks, or payment services) into another lookalike website purporting to be the real one.
This is usually done by requesting people to click on emails which state that unless they do so, unfortunate consequences (such as their account being shut down) will result. The collected details, now in the hands of criminals running the pretend website, are then used by them to log onto the real website, after which they are able to act as the account holder and perform all actions the real user is authorised to perform.
Last updated: 2 September 2017