and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one.
Phishing is a continual threat, and the risk is even larger in social media such as Facebook, Twitter, and Google+.
Hackers could create a clone of a website and tell you to enter personal information, which is then emailed to them.
Hackers commonly take advantage of these sites to attack people using them at their workplace, homes, or in public in order to take personal and security information that can affect the user or company (if in a workplace environment).
Phishing takes advantage of the trust that the user may have since the user may not be able to tell that the site being visited, or program being used, is not real; therefore, when this occurs, the hacker has the chance to gain the personal information of the targeted user, such as passwords, usernames, security codes, and credit card numbers, among other things.
The first recorded mention of the term "phishing" is found in the hacking tool AOHell (according to its creator), which included a function for attempting to steal the passwords or financial details of America Online users.
Phishing on AOL was closely associated with the warez community that exchanged unlicensed software and the black hat hacking scene that perpetrated credit card fraud and other online crimes.
AOHell, released in early 1995, was a program designed to hack AOL users by allowing the attacker to pose as an AOL company representative.
After AOL brought in measures in late 1995 to prevent using fake, algorithmically generated credit card numbers to open accounts, AOL crackers resorted to phishing for legitimate accounts In order to lure the victim into giving up sensitive information, the message might include imperatives such as "verify your account" or "confirm billing information".
An example of a phishing email, disguised as an official email from a (fictional) bank.