What is phishing primarily used for?

Phishing is primarily utilized to gather personal information from individuals, often through deceptive means. Attackers commonly send emails or messages that appear legitimate, prompting victims to enter sensitive data such as usernames, passwords, credit card numbers, or other confidential information on counterfeit websites. The success of phishing relies on the exploitation of human psychology, making it an effective strategy for identity theft and fraud.

While other options involve activities related to cybersecurity or assessments, they do not encapsulate the main goal of phishing. Enhancing network security, installing malware, and conducting risk assessments serve different purposes within cybersecurity frameworks and are not aligned with the primary intent of phishing, which is to deceive individuals into surrendering their information.