Phishing (pronounced "fishing") is a type of online identity theft. It uses email and fraudulent websites that are designed to steal your personal data or information such as credit card numbers, passwords, account data, or other information.
Con artists might send millions of fraudulent email messages with links to fraudulent websites that appear to come from websites you trust, like your bank or credit card company, and request that you provide personal information. Criminals can use this information for many different types of fraud, such as to steal money from your account, to open new accounts in your name, or to obtain official documents using your identity.
For more information about phishing scams, see Email and web scams: How to help protect yourself.
Criminals who send out phishing scams (often called "phishers") send out millions of messages to randomly generated email addresses. They fake or "spoof" popular companies in order to fool the largest number of people.
For more information, see How do spammers get my email address?