On the internet, "phishing" is a criminal activity using social engineering techniques. Phishers attempt to fraudulently acquire sensitive information, such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication. eBay and PayPal are two of the most targeted companies, and online banks are also common targets. Phishing is typically carried out by email or instant messaging, and often directs users to give details at a website, although phone contact has been used as well. Attempts to deal with the growing number of reported phishing incidents include legislation, user training, and technical measures.
The first recorded mention of the term phishing is on the alt.online-service.america-online Usenet newsgroup on January 2, 1996, although the term may have appeared even earlier in the print edition of the hacker magazine 2600. A phishing technique was described in detail as early as 1987, in a paper and presentation delivered to the International HP Users Group, Interex. The term phishing is a variant of fishing, probably influenced by phreaking, and alludes to the use of increasingly sophisticated lures to "fish" for a user's financial information and passwords. The word may also be linked to leetspeak, in which "ph" is a common substitution for the letter "f". The popular theory that it is a portmanteau of password harvesting is an example of folk etymology.
Bottom line: don't give out information to people you don't know and trust!
