act of attempting to acquire information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, online payment processors or IT administrators are commonly used to lure the unsuspecting public. Phishing emails may contain links to websites that are infected with malware. Phishing is typically carried out by email spoofing or instant messaging, and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one.
A study carried out by North Carolina State University discovered that 92.5% of participants failed to detect fraudulent emails.
The findings are alarming given the growing personalisation of phishing attacks, in which scammers try to lure personal and proprietary information out of victims by posing as entities such as banks, airlines, stores and government agencies.
If you are unsure whether an email is legitimate or not, first check the email address the message was sent from and do not click on any links.
Read more the whole article here.