Phishing (from fishing) is a form of internet deception, usually using email or copies of popular websites. Phishers use emails or websites which appear to be a trustworthy entity to fraudulently acquire sensitive information, such as user names, passwords, Social Security Numbers, and credit card details from their unsuspecting victims.
Phishing is either done generically to steal information from any entity they can, or is targeted at one specific individual or group. This targeted kind of attack, known as spear phishing, is generally more customized for the victim and therefore tends to be more convincing.
One commonly suggested method of avoiding phishing scams is to check the URL to ensure that one is on the proper website before entering any personal information or credit card numbers online. The best option is to contact the company whom the email claims to be associated with. Phishing scams often claim to be a user's bank, or a service they may use (such as eBay), needing personal details confirmed as a security measure. In fact these practices are not something that legitimate companies engage in. Consumers are urged to report phishing emails and websites they encounter to their email providers and to the Federal Trade Commission.