Phishing is a high-tech scam that uses ‘spoofed’ e-mail spam or pop-up messages to deceive you into disclosing your credit card numbers, bank account information, Social Security number, passwords, or other sensitive information.
According to the Federal Trade Commission (FTC), phishers send an email or pop-up message that claims to be from a business or organization that you deal with regularly. For example, your Internet service provider (ISP), bank, online payment service, or even a government agency. The message usually says that you need to “update” or “validate” your account information. It might threaten some dire consequence if you don’t respond. The message directs you to a Web site that looks just like a legitimate organization’s site, but it isn’t.
The purpose of the bogus site is to trick you into divulging your personal information so the operators can steal your identity and run up bills or commit crimes in your name. Also, the bogus site can have software that tries to hack or gets you to install software used by hackers.
By ‘spoofing’ the trusted brands of well-known auction sites, banks, online retailers and credit card companies, phishers are able to convince up to 5% of recipients to respond to them and still millions of dollars.
Additional information can be found at http://www.stopthinkconnect.org/tips-and-advice/overview/ or you can use a search engine to find additional information on Phishing.
Here is a example of a Phishing email spoofing a weblink. The weblink in the email looks like it is going to ebay but if one hovers over the link some email clients will show the real destination.