The word “phishing” is pronounced in the same way as “fishing,” but looks different. This is the essence of phishing on the Internet: it is something that pretends to be something that it’s not in an attempt to gain access to sensitive information such as passwords, log ins, usernames and financial data including credit card numbers and expiration dates. According to a report by Microsoft in 2014, the annual harm from phishing could be as much as USD$5 billion.
Phishers often try to gain access to sensitive information by sending out 
emails that look as if they come from legitimate companies such as eBay, Paypal, Bank of America and others. Today, hiring a designer and creating a webpage or an email that looks exactly like some other webpage or email is extremely easy. Therefore, you will not be able to tell a phishing email from a regular email simply looking at the design and content.
Phishing emails also try to get your attention and somewhat scare you. For this reason, they would often have subject lines such as “Paypal Important Notice About Your Account,” “Ebay Critical Notice.” One of the differences that you will see between a fake email and an email from a legitimate company is that a fake email is not likely to know the spelling of your legal name. For this reason, scammers are likely to use a salutation such as “Dear eBay user” instead of your name. However, even use of your name is not a guarantee that the email is not fake because you may be a high-profile target and scammers may have collected a lot of information about you already.