Phishing

The term phishing defines a criminal activity that uses techniques of social engineering (manipulating users to obtain confidential information) to gain access to sensitive data such as bank account numbers, PIN codes, etc.

Access is usually achieved by email masquerading as a trustworthy person or business (e.g., financial institution, insurance company). The email can look very genuine and contain graphics and content that may have originally come from the source it is impersonating. You will be asked to enter some of your personal data—bank account numbers or usernames and passwords —under various pretenses (data verification, financial operations). All such data, if submitted, can easily be stolen and misused.

Banks, insurance companies, and other legitimate companies will never request usernames and passwords in an unsolicited email.