"Phishing" is the fraudulent practice of posing as legitimate websites or e-mail of banks, credit-card agencies, etc. and using such a means to trick people into inputting their personal information (such as name, address, account number, password, PIN, and credit-card number) into such bogus sites in order to illegitimately acquire that information. Financial damage is then generated as a result of fraud and impersonation based on this acquired information. As a typical mode of operation, unsolicited, fake e-mails are sent to users as if they had come from a legitimate source such as actual banks, etc. or users are craftily guided to phony websites with phrases like "change of user information is necessary" and "for verification". Personal information is then stolen by persuading these users to input their personal information via such phony (but genuine-looking) websites. Although the word "phishing" is considered to come from "fishing", the dominant explanation is that "phishing" came from the "sophisticated" manner in which these methods fool a user.