How works Phishing in practice?
Phishing is a manipulative technique, using fraudulent e-mails that appear to be sent from a confidential source (e.g. from banks), or website imitations of confidential institutions, through which the attacker causes the victim to launch a sensitive information such as bank account number, password, access information to the company, credit card or payment gateway. The objective may be a complete identity theft. Filled data the attacker can then use for his favor.
Defense against fishing may be antispyware that avoids e-mails, or internet security software that can prevent the entry to the fraudulent website (if previously detected). Most important, as in the case of Pharming, is a caution of the user.