Phishing is the act of attempting to fraudulently acquire through deception sensitive personal information such as passwords and credit card details by assuming another's identity in an official-looking email, IM, etc. The user is provided with a convenient link in the same email that takes the email recipient to a fake webpage appearing to be that of a trustworthy company. When the user enters his personal information on the fake page, it is then captured by the fraudster. A message used for phishing purposes often asks the recipient to "verify your account" or to "confirm billing information".
The Anti-Phishing Act of 2005, put forth by Sen. Patrick Leahy (D-Vt.), calls for the criminalization of two essential parts of phishing attacks: establishing and creating web sites with the intent to gather information from victims to be used for fraud or identity theft; and the creation or soliciting of e-mail that represents itself as a legitimate business with similar intent.
