Phishing emails appear to the receiver as if they were sent by a genuine sender, but they are not. Attackers use these emails to trick the victim into believing that there is a problem with one of their online accounts. An attacker could send a user an email explaining that they need to resolve some suspicious activity associated with their account. The email includes a link that directs the user to a fake website. This would, in turn, grant the attackers access to the users accounts.”]
Source: https://informationsecuritybuzz.com/articles/phishing-workplace/