Phishing is the practice of sending out fake emails, or spam, written to appear as if they have been sent by banks or other reputable organisations, with the intent of luring the recipient into revealing sensitive information such as usernames, passwords, account IDs, ATM PINs or credit card details. Typically, phishing attacks will direct the recipient to a web page designed to mimic a target organisations own visual identity and to harvest the users personal information, often leaving the victim unaware of the attack.

Website: http://www.honeynet.org/papers/phishing/