Phishing is not an exploit of a technical or application vulnerability, nor is it Malware (virus, Trojan etc) Phishing is a homophone of fishing, which involves using lures to catch fish. Phishing is the criminal persuading you or a family member to do something that will allow something bad to happen. Phishing is popular with cybercriminals, as it is far easier to trick someone into clicking a malicious link in a seemingly legitimate email than trying to break through a computer's defenses.
Typically a victim receives a message that appears to have been sent by a known contact or organisation. An attachment or links in the message may install malware on the user's device or direct them to a malicious website set up to trick them into divulging personal and financial information, such as passwords, account IDs or credit card details.
Phishing may sound like a fun play on words but the incidence is increasing daily and the effects can be disastrous if you drop your guard and click at the wrong time. Phishing is more an attack on the vulnerable person, not the vulnerable system.
The old, Nigerian banker who has $100million to get rid of, type phishing still traps the vulnerable but it has become old hat and now the criminals have been far more inventive in their ways of finding the vulnerable, when we are busy, tired or the latest news makes us more likely to click on an email from a "friend" with the latest gossip.
Idappcom offer a service whereby the known Phishers are detected and every 3 minutes new detection Protection Policies are written to improve by many times our subscribers' ability to detect and stop any communication with the criminal.