Phishing is a social engineering
technique to fraudulently obtain personal information.
Typically, the phisher sends an e-mail that appears to come from a legitimate source, such as a bank or credit card company. In the e-mail, the victim is requested to verify some personal information. The e-mail usually contains a link to a fraudulent web page that seems legitimate to the untrained eye. The page the victim is being redirected to contains a form requesting everything from a home address to passwords and ATM PIN numbers.
Once the unwitting user submits this information, it is in the possession of criminals who can then use it for any purpose, e.g. to max out the victim's credit card or worse.