Webopedia defines Phishing as (fish´ing) (n.) The act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft." The word first appeared in January 1996, and in ten years time it has gone from "huh, whuzzat?" to a commonly recognized term. 

There are hundreds, even thousands, of scams, but they all have one thing in common. They try to hoodwink the victim into providing personal information -- perhaps a password, a credit card number, a social security number or the like. Most of the scams ask the victim to verify information that the perpetrator of the phishing scam already has on file (well, they already SHOULD have it on file if they really are who and what they say they are.)

Most phishing scams are carried out using email or instant messages. Even though warnings are routinely posted, people fall victim to this scam every day. The messages are disguised to appear to be valid, often threatening to cancel a users account if they do not prove who they are. Attempts to control this crime include legislation, user training and technical intervention.

For more on phishing, try

Wikipedia: http://en.wikipedia.org/wiki/Phishing#PayPal_phishing_example

or check out the FTC Consumer Alert at: