The second possibility is phishing e-mails. This is where spambots send masses of fake e-mails in which the recipient is asked to enter personal information on fake websites. These e-mails pretend to be from a known website and ask for the recipient’s password for security reasons. The person is then redirected to a fake website, which is deceptively similar to the authentic site. However, the password isn’t tested to see how secure it is, but instead it’s sent directly to internet criminals. Legitimate websites, mail providers, payment services, and online stores never ask for their users’ passwords by e-mail. Don’t just give out your information to anyone that asks. If you are unsure whether an e-mail is legitimate, consult the respective website.