Phishing email messages, websites, and phone calls can be carried out for the purposes of stealing credentials, in order to steal money, defame sites, and any number of other reasons. Attackers can do this by sending malicious software to your computer in the hopes of getting you to run it, or by tricking you into sending personal or sensitive information (such as passwords and other credentials).
Cybercriminals also use social engineering to trick you into running such programs or send such information. They may email, call, text or try to get you to download files from a website. Phishing emails can take many forms, but generally they will present some false pretence as to why they are entitled to the information, or have the authority to get you to do what they need you to.
Here is an example of what one may look like:
Some key things to look for are:
If you see one of these emails, do not respond to them, instead, look up the site they claim to be representing, and find a real email address on the site to alert them of the threat.