Pronounced "fishing", it's a term to describe a collection of methods used to steal identities on the Internet. These methods use "social engineering" to make the user surrender their credentials.
The most common vulnerability that these methods exploit is that in most cases the person who receives an e-mail cannot authenticate the sender. It is very easy to spoof the information that appears in the “from” field of an e-mail message. It is also easy to make a link or a URL that looks like it is an authentic bank or credit card company.
A common phishing attack is a simple e-mail message that looks like it comes from a bank or credit card company and asks the recipient to go to a web site to log in. When on that web site, their login ID and password are captured, and then the user is asked to confirm or correct some information about the user or their account. All of this information is collected and often used for theft.