What is 'phishing?'

'Phishing' is a popular scamming method used by bad actors who make fraudulent emails look real

"Phishing" is a popular scamming method used by bad actors to gain access to people's sensitive information online by making fraudulent emails look real.

Here's how it works: Scammers send emails from addresses that look familiar or that incorporate the names of popular companies so recipients assume they are trustworthy sources.

Phishing emails are often presented in such a way that they look legitimate; they are written with formal language, are neatly formatted and use familiar logos or images.

Phishing email example, (FOX Business)

However, phishing emails also contain fraudulent links, and that's where the scamming process comes in.

By using familiar names in addresses and incorporating popular logos and images into their phishing emails, scammers aim to gain the trust of whomever they are targetting so that they click on fraudulent links within those emails.


For example, victims may receive an email from amazonpackageservices@yahoo.com that reads, "Your Amazon order has been delayed. Click here for details," along with a link. When users click on the link, it may tell them to "enter email and password for more information," or something along those lines, which is how scammers get access to information.

The links will sometimes lead to a fake website that imitates a real website and asks users to give their email addresses, phone numbers, passwords, credit card information and more.

Bad actors imitated the following brands most often to conduct the criminal act called phishing in the fourth quarter of 2019,  according to a Feb. 6 study by cybersecurity research firm Check Point Research: Facebook (18 percent of all phishing attempts globally), Yahoo! (11 percent), Netflix (5 percent), PayPal (5 percent), Microsoft (3 percent), Spotify (3 percent), Apple (2 percent), Google (2 percent), Chase (2 percent) and Ray-Ban (2 percent).

Phishing doesn't just happen via email, either; scammers can target victims via text message, too.


Bad actors will often use popular events to get users' attention. Sometimes, they will even track the online behavior of their targets to study their interests before they send an email or text in an attempt to increase the chance of getting the victim's attention. Think: the 2020 U.S. presidential election.

Scammers use President Trump's name in phishing emails more than all other 2020 presidential candidates combined, a Feb. 7 study by security software company Avanan found.

"Candidates are such a prime source for phishing," Avanan Director Dylan Press previously told FOX Business, adding that Trump's name was the most because he has "the most name recognition out of anyone, and he stirs up an emotional response."


To avoid being tricked into giving out personal data to scammers, people should avoid clicking on links in emails that come from unfamiliar addresses even if they use a candidate's name or logo.

"There is no reason to click on that email," Press said. "If you want to donate to anyone, Google their website, and I guarantee the first thing you'll see will be a [legitimate] donation link."