Phishing is the most common way to obtain private information. A phisher poses as a legit business and uses a fraudulent website.
As a phisher, what kind of information might you ask a user to verify?
Yep! You'd ask the user to verify this on a website that looks and feels legitimate often with a real company logo.
Aren't we interested in as much information as possible?