What is phishing?

Phishing is a type of cybercrime that involves fraudulent attempts to obtain sensitive information such as usernames, passwords, and credit card details by masquerading as a trustworthy source. The essence of phishing lies in its deceptive nature; the attackers usually create emails or websites that look like they belong to legitimate institutions, tricking individuals into divulging personal information. This technique exploits the trust people have in established organizations, which is why option B accurately describes phishing as fraud that appears to come from legitimate sources.

The other choices do not accurately capture the nature of phishing. Legitimate requests for information do not involve deception or intent to defraud, so that choice does not pertain to phishing at all. Data protection practices are aimed at safeguarding information rather than deceiving individuals, and methods for secure data transfer relate to techniques intended to protect data during transmission, which is contrary to the deceptive motives behind phishing.