To this end a phisher - the author of a phishing attack - will use devices such as emails and websites, which are in most cases replications of real ones, to deceive his victims and make them believe that the email or the website is legitimate in order to harvest the victim's personal information (such as username, password, date of birth, etc).