Table 1 Definitions of phishing from four dictionaries and the APWG

From: Achieving a consensual definition of phishing based on a systematic review of the literature

| Source | Definition |
| --- | --- |
| Oxford University Press (2014), UK | The fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers, online. |
| Collins English Dictionary (2013), UK | The practice of using fraudulent e-mails and copies of legitimate websites to extract financial data from computer users for purposes of identity theft. |
| Merriam-Webster (2013), USA | A scam by which an e-mail user is duped into revealing personal or confidential information which the scammer can use illicitly. |
| American Heritage Dictionary (2013), USA | To request confidential information over the Internet or by telephone under false pretenses in order to fraudulently obtain credit card numbers, passwords, or other personal data. |
| Anti-Phishing Working Group (2013) | Phishing is a criminal mechanism employing both social engineering and technical subterfuge to steal consumers’ personal identity data and financial account credentials. Social engineering schemes use spoofed e-mails purporting to be from legitimate businesses and agencies, designed to lead consumers to counterfeit websites that trick recipients into divulging financial data such as usernames and passwords. Technical subterfuge schemes plant crimeware onto PCs to steal credentials directly, often using systems to intercept consumers online account user names and passwords – and to corrupt local navigational infrastructures to misdirect consumers to counterfeit websites (or authentic websites through phisher-controlled proxies used to monitor and intercept consumers’ keystrokes). |