A form of fraud that involves masquerading as a trustworthy entity in an electronic communication (often using forged emails or websites) in order to persuade users to disclose sensitive information such as usernames, passwords, or credit card details. See also semantic attack.