How Phishing Scams Work

Posted on June 22nd, 2008

Phishing is a type of malicious scam that aims to trick users into voluntarily providing sensitive information. This type of attack is now becoming very common as online banking and other financial transactions gain popularity.

This type of trickery does not involve much complexity. In some cases it makes use of known browser exploits, but it mainly relies on social engineering to gain a victim’s trust. Here is how it works:

  • The scammer crafts an email, usually appearing to come from a bank, telling users that there is some important notice. The email either asks the victim to reply with the information (log-in ID, password, etc.) or asks the user to click an embedded link which is "poisoned" or directs to a fake website that looks almost the same as the real one, so that the user can "log in".
  • When the message has been prepared, the cyber-criminal sends it out. When a user reads the message and responds to it, the scammer logs the details and later uses them to make fraudulent transactions.

Banks always warn their users to be on the lookout for these types of schemes. To be safe, simply ignore such messages and report them to the bank if possible.



  1. rolfan said,

    on 2008-09-28 at 23:28:22

    Nice of you guys to inform us of online scams like this. I think this is especially useful for those people who are not well-versed with the internet and its workings.
  2. Wally said,

    on 2008-09-15 at 20:41:31

    Oh so this is what phishing is, thanks! I've been wondering what that pop-up in some of the programs I install meant when they say they're using security against phishing sites! :o
