A typical phishing attack uses the following mechanism: a user receives a link to a criminal web site intentionally designed to resemble one of the web sites that is regularly visited by the user. A user deceived into thinking the website is genuine can send passwords or other confidential information to criminals, which can then be used to cause material damage.
Phishing is most often used to trick people into disclosing the codes for accessing their credit cards, bank accounts and passwords for Internet banking accounts.
Anti-Phishing prevents phishing attacks by alerting the user when phishing sites are visited. The list of these sites is included within the threat signatures and regularly updated.