Phishing is a common fraudulent technique. Fraudsters would pretend themselves to come from legitimate organisations such as banks, payment service providers and online retail merchants. They would trick a victim to provide sensitive information and personal data including password, credit card / bank account information, through electronic communications such as emails and SMS. The phishing emails may also include a malicious hyperlink, attachment for the recipients, or providing a QR code for redirecting the recipient to illegal websites and install a malicious software in a victim's PC / mobile phone, which results in hacking activities afterwards.
Phishing emails and SMS could be very difficult to be distinguished from the emails and SMS sent from legitimate organisations. And the phishing website provided by the email could look like a genuine homepage of the organisation. Once gained access to this fraudulent website, victims are usually required to input personal data, for example, login name, account number, password or security code. These phishing websites would collect the data you provided, allowing the criminal to gain financial benefit from your loss.