What is phishing primarily used for?

Phishing is primarily used for obtaining sensitive information fraudulently, which encompasses tactics where attackers impersonate legitimate entities, such as banks or trusted organizations, to trick individuals into revealing personal information, login credentials, financial data, or other sensitive details. This is typically executed through deceptive emails, messages, or websites designed to look authentic.

Phishing exploits human psychology and trust, capitalizing on a victim's willingness to engage with what appears to be legitimate communication. Therefore, the core intent behind phishing attacks is the illegal acquisition of confidential information that can be exploited for financial gain, identity theft, or other malicious purposes. The correct answer captures this malicious objective well, highlighting the fraudulent nature of the information-gathering process involved in phishing.

The other options presented do not accurately reflect the nature or intent of phishing. Enhancing email security or network performance does not align with the objectives of phishing; rather, these are defensive strategies against such attacks. Preventing identity theft relates more to the consequences of phishing rather than its primary objective.