"Phishing is a cybercrime in which a target or targets are contacted by email, telephone or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords. The information is then used to access important accounts and can result in identity theft and financial loss." 1
Phishing usually casts a wide net to get a large number of responses before the attempt can be identified as fraudulent. Spear phishing - highly-targeted phishing - focuses on individuals in more privileged positions.
Phishing usually begins with social engineering.