Re: Description on phishing
Phishing is a technique of mixing fraud spamming (sending mass messages to email addresses collected illegally or made automatically) and social engineering (identity theft) in order to steal sensitive information to victims (full name, credit card number, login to access a website, etc..). Instead of trying to trap one after the other persons chosen for their simplicity or their vulnerability, the scammed contacts simultaneously several thousands or even tens of thousands of potential victims by trying to pretend to be their bank or any other organization or website, relying on large number of recipients to find gullible or careless.
Re: Description on phishing
A phishing attack often occurs in two steps: the user typically receives a message from his bank or other company (see two examples for the bank LCL and eBay) that informs a problem security or other action requiring him to visit the site in question and prompt for it to click a hyperlink. But it does not lead to the official site but to an imitation often identical to the original controlled by a malicious individual, so if the user clicks on the link and enters information will be forward directly to the scammed. Other variants exist, however, as an integrated form to fill in the message or request for a reply by return email (see example for Windows Live).
Re: Description on phishing
The word "phishing" come from the contraction of the words "phreaking" (hacking telephone lines) and "fishing" (fishing). In other words, phishing is a kind of fishing for victims via communication networks. If you have not provided the information requested in the fraudulent message, there is nothing particular to do except delete the message concerned. If by icons you have been abused and have communicated this information to the author of phishing, you immediately connect to the real site of the company whose identity has been usurped by entering address manually in your browser, then change your password to prevent misuse of your account.