Phishing is a type of computer and internet fraud that involves the creation of false digital resources intended to resemble those of legitimate business entities, such as a website or email, and dissemination of seemingly legitimate digital correspondence that leads back to those false resources via email or URL to induce individuals to reveal or disclose sensitive, personally identifying information.
Other variations of phishing include smishing, vishing, and spear phishing. Smishing is a form of phishing that sends a virus to the phone of a recipient over text or SMS in order to extract data such as communications or other personally identifying information. Vishing involves the use of phone calls to phish, employing Voice Over Internet Protocols to spoof caller ID that resembles legitimate organizations to deceive intended victims. Spear phishing, also known as whaling, is yet another form of phishing that is targeted at specific individuals within an organization or group, typically a CEO or executive board members of a company but may also target users of a social networking website.
Victims of phishing in California are entitled to relief under the Anti-Phishing Act of 2005 to the greater of either the actual cost of the damages they have suffered or $500,000.
[Last updated in July of 2020 by the Wex Definitions Team]