<security> ("brand spoofing", "carding", after "fishing") /fishing/ Sending e-mail that claims to be from some well-known organisation, e.g. a bank, to trick the recipient into revealing information for use in identity theft. The user is told to visit a website where they are asked to enter information such as passwords, credit card details, social security or bank account numbers. The website usually looks like it belongs to the organisation in question and may silently redirect the user to the real website after collecting their data.
For example, a scam started in 2003 claimed that the user's eBay account would be suspended unless he updated his credit card information on a given website.