Phishing is a cyber scam where attackers pretend to be a trusted person, company, or website to trick you into revealing sensitive information like passwords, bank details, or OTPs, or into clicking a malicious link.

Quick Scoop

Phishing usually arrives through email, text messages, social media DMs, or fake websites. The goal is often to steal login credentials, money, or to install malware on your device.

How it works

Attackers make the message look believable and urgent, such as saying your account is locked or you need to verify something right away. If you click the link and enter details on the fake page, the attacker can capture your information.

Common signs

  • Urgent language or threats.
  • Spelling, grammar, or branding mistakes.
  • Suspicious links or strange sender addresses.
  • Requests for passwords, card numbers, or OTPs.
  • Messages that feel “too good to be true”.

How to stay safe

  • Don’t click unknown links.
  • Check the sender’s address carefully.
  • Go directly to the official website instead of using message links.
  • Use multi-factor authentication.
  • Keep your browser, apps, and antivirus updated.

If you want, I can also give you a very simple 2-line definition or a school-style answer.