Phishing, in general, is a type of Internet fraud in which a person uses various tactics to steal funds and identity from an unsuspecting person or business. The means in which this is done ranges from dating scams and forming personal relationships with their victims, spyware or viruses on people's computers to access passwords, electronic emails or messages that seem legitimate or other forms of social interactions. Typically, the goal of phishing fraud is to gain personal information which will help the scammer to steal the person's money and identity for their own financial gain; this includes their full name, address, phone number, bank account information, social security number, and passwords.
One of the most common ways phishing is done by thieves is through e-mail spam. They will create an email seemingly coming from a reputable business like Citibank or PayPal, along with the company's logo in the email to trick the victim, and requesting for them to click on a link to verify information or update their password. The instructions are to click the link and enter they username and password, often times asking for an account number as well. Instead what they are doing is providing the scammer with everything they need in order to "phish" their account and steal their money. PayPal phishers are also known for going one step further and changing the victim's password so that they cannot even get into their own account.
Another common way is through romantic fraud whereas the person builds a long-term relationship with the victim, thus gaining their trust and requesting money and personal information. As they begin learning more about the victim, they gain information such as their full name, social security number, date of birth, banking institution, PayPal account information, address and phone number; all of which can be used in order to steal and scam this person.
There are a number of ways you can protect your identity and yourself from being scammed by these criminals. First, be weary of emails you receive. Never click on a link in an email; instead, go directly to the website address using your own means, and log=in that way. PayPal has made a statement saying they will never ask you to click on a link in an email that "verifies" or "updates" your information, as many of their customers have been scammed. Always have a malware detecting program that will warn you of unsafe websites and activity, and also remove spyware and viruses form your computer. Avoid entering your personal information in a pop-up screen; legitimate businesses will have a professional-looking form on their site with extra protection, not to be entered on simple pop-up windows. You should also never open an email attachment that you have not been expecting or is not from someone you know, these are known for containing viruses that will infect your computer and phishing tactics.