A type of phishing that involves attempts by cybercriminals to obtain sensitive information by prompting or enticing users of websites and other on-line portals to visit fake websites/ portals that look like legitimate ones. This information include usernames and passwords, banking information, credit card details, etc.

In so doing, cybercriminals send phishing emails/ messages/ links over social media portals to potential victims, directing them to malicious websites or pages where their credentials and personal details will be collected (phished) so that phishers can extract useful information to log in to victims’ accounts and lay hands on their money and other resources.