Acquisition of identity/passwords by false bank emails and websites.

(Also known as carding and spoofing) Attempting to fraudulently acquire sensitive information, such as passwords and credit card details, by masquerading as a trustworthy person or business in an apparently official electronic communication, such as an email or an instant message. The term phishing arises from the use of increasingly sophisticated lures to "fish" for users’ financial information and passwords. Sophos email and URL filtering products are configured by default to detect phishing schemes.