Phishing is the most common way to obtain private information. A phisher poses as a legit business and uses a fraudulent website.

As a phisher, what kind of information might you ask a user to verify?

Bank account passwordSocial security numberCredit card number

Yep! You'd ask the user to verify this on a website that looks and feels legitimate often with a real company logo.

Aren't we interested in as much information as possible?