A criminal will create a fake URL (website) which looks like a legitimate and secure website, but is actually set up to steal sensitive information for malicious purposes.
Criminals will attempt to lure users into visiting the fake URL via phishing emails, SMS or social media. Typically, attackers have targeted financial services for direct profit; however, they also employ this tactic in many other scenarios.
For example, recently universities in the UK have been targeted by overseas criminal groups. Attackers are using fake phishing websites which then redirect users to real login screens. By doing this, the attackers can then record any login details used, giving them access to online libraries which may include valuable intellectual property.
Make certain that you know how to defend against phishing. For detailed guidance, check out the entry on phishing from the NCSC's Small Business Guide (https://www.ncsc.gov.uk/guidance/avoiding-phishing-attacks).
Always check that the URL of the website you are being asked to log into is what you are expecting (look for misspellings or variations of phrasing, and misleading domain endings e.g. 'orguk.com'). Other signs include a website not behaving in a typical way (odd pop-ups, incorrect links, inconsistent content).
Protect your devices by ensuring that all software is patched and updated frequently. These attacks exploit vulnerabilities, so make sure to use the latest versions of any software you have, and apply security patches promptly.
Ensure that firewalls have been correctly configured to reduce the ability to visit malicious websites. If you are not responsible for this, ask your IT manager/provider to confirm this has been done.
Install and run antivirus software, and make sure that it's updated regularly.
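The URL check described above (misspellings, and misleading domain endings such as 'orguk.com') can also be automated, for example in a mail filter or a helpdesk triage script. The Python below is an added example, not part of the original guidance; the host names, the verdict labels and the edit-distance threshold of 2 are assumptions chosen for illustration.

```python
from urllib.parse import urlsplit

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, used to catch one- or two-character misspellings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def squash(host: str) -> str:
    """Drop dots and hyphens so 'org.uk' and 'orguk' compare equal."""
    return host.replace(".", "").replace("-", "")

def check_login_url(url: str, expected_hosts: list[str]) -> str:
    """Classify the host of `url` against the hosts the user expects to log into."""
    try:
        host = (urlsplit(url).hostname or "").lower().rstrip(".")
    except ValueError:
        host = ""
    if not host:
        return "no-host"
    expected = [h.lower() for h in expected_hosts]
    if host in expected:
        return "expected"
    for good in expected:
        # Real name reused as the front of a different domain, e.g. '...orguk.com'.
        if squash(host).startswith(squash(good)):
            return "misleading-ending"
    for good in expected:
        if edit_distance(host, good) <= 2:
            return "misspelling"
    return "unrecognised"

# Constructed sample data: the expected host and all URLs are made up.
EXPECTED = ["login.example.org.uk"]
SAMPLES = [
    "https://login.example.org.uk/signin",
    "https://login.example.orguk.com/signin",
    "https://logln.example.org.uk/signin",
    "https://news.example.net/",
]

if __name__ == "__main__":
    for u in SAMPLES:
        print(f"{check_login_url(u, EXPECTED):18} {u}")
```

Only the "expected" verdict means the host is one the user intended to log into; every other verdict should be treated as a reason not to enter credentials.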