Phishing is the practice of tricking a user into using malicious software that is designed to look legitimate. The malicious site may try to harvest credentials, or trick a user into downloading a tampered version of key software. For example, if you are tricked into logging into a malicious website at c0inbase.com, the attacker can then use your username and password to access your Coinbase account.