Explanation:
Phishing is a cyberattack technique where attackers impersonate trusted entities to deceive users into divulging sensitive information, such as login credentials, credit card numbers, or personal data.
These attacks are often carried out via fraudulent emails, text messages, or malicious websites designed to appear legitimate. Victims may be tricked into clicking malicious links or downloading harmful attachments.
Phishing campaigns can be highly targeted (spear phishing) or broad and indiscriminate. The goal is typically identity theft, financial fraud, or system compromise.
Additional Information:
Attackers often use social engineering tactics to gain users’ trust. Sophisticated phishing attacks may bypass traditional security mechanisms by mimicking trusted sources.
Organizations combat phishing through employee awareness training, email filtering solutions, and secure authentication mechanisms like two-factor authentication (2FA).
Formal Definition:
Phishing is a form of social engineering attack where malicious actors deceive users into providing sensitive information or installing malware by impersonating legitimate entities.