Phishing is the practice of obtaining personal or financial information through spoofing or disguising a malicious request for information as something legitimate and trusted by the target. This is usually carried out in the form of an email, text or SMS message, or with a pop-up ad or spoofed website. The material is deliberately disguised to look like either a trusted institution, website, social media network, or a communication from a friend or family member.
Phishing can range from a nuisance to an extremely dangerous form of cyber-crime, but the critical thing about it is how effective it can be. Phishing takes advantage of carelessness, laziness, ignorance on cyber-security, or fear-based mechanisms to deliberately deceive users into providing sensitive personal information. Phishing can allow criminals access to bank accounts, email accounts, financial and personal documents, and your device itself. This facilitates criminal activity like cyberextortion, identity theft, and fraud.
Make sure that you are able to definitively source links, executable files, and attachments in emails. Do not click on strange, unknown links without sources, and ensure that you're not on a spoofed version of a social network, financial institution, or other website where you are entering sensitive personal information. Limit what information you share online, such as what bank or financial institution you use.