Phishing is an attempt to create an electronic document which attempts to mimic/masquerade an official/trusted source: most commonly banks and commercial companies. As you may have assumed, the term phishing is a play on the word fishing: as in to "bait" a person for information.
The purpose of phishing is to steal the: username, password or payment/personal details of a user of any electronic service; a phishing attempt will usually ask for one of the aforementioned details due to an "internal company error" etc.
While phishing can be incorporated into any electronic communication, it is widely attempted via electronics mail. Due to the ease of harvesting email addresses via the World Wide Web, using email to "phish" is a logical step for those who attempt it.
Email was originally a text only messaging technology, and phishing was/is less sophisticated via this route. However, via MIME protocols, email can support HTML; HTML emails are far more sophisticated, featuring images and hyerplinks, and can be "mocked" up to look exactly like an email from an official/trusted source.
Phishing is a serious online security issue; reports have suggested that millions of users are effected each year, with a financial loss of million of pounds per year in the United Kingdom via banking fraud.
General Phishing Description: Phishing is the act of sending of electronic mail (or other online messages) that pretend to be from a legitimate and well established company or individual. The message typically asks for sensitive data, such as credit card details or passwords, to online accounts. They can claim be from sites, such as eBay, or,ISP's like AOL. The email message is usually professionally designed with logo's and fonts; which look to have been genuinely sent from those the aforementioned companies. Perhaps the most serious of all: is the phishing emails claiming to be from banks, such as: HSBC, Barclays or Natwest. They can pose a much more significant security risk; which has forced online banks to improve the security processes of their websites. In the last year, HSBC has provided online bank customers with an electronic device - which produces a six digit unique code - to increase their login security. Online users should always remember that legitimate companies will never ask for any sensitive data by electronic mail.