Not until much later, as the credit card bills add up, do you find out that the website was a fraud, designed to steal your personal information. Unfortunately, you've just been phished.
So what is "Phishing"? It's the act of sending an email that falsely claims to have an established, legitimate business with the intent of scamming the recipient of the email into revealing their personal information with the ultimate intent of stealing the recipients personal information and identity.
It's not as easy as you think to spot a phishing email. The criminals go to great lengths to make the email appear to be legitimate. It's not unusual to find the "From" field to have the correct email of the address of the true business. And when you click on the "take me there" link you find a fake website designed to replicate the legitimate site.
These professional criminals spend a huge amount of time replicating the look and feel of legitimate emails and websites but there are ways to reveal the scam so you don't get caught up in it. Place your mouse over the link in the email and look in the bottom left corner of your email application. That will reveal the true website you are being directed to. If it doesn't have the website address of the legitimate business don't click on the link! This is just a quick way to verify the legitimacy...or illegitimacy...of the link you are about to click on.
But the best rule is this...never, ever click the links within the text of an email you've received from someone you don't know and weren't expecting. No legitimate business is going to ask you to reveal in email any personal information. If you need to verify that information is correct with a company you do business with always go directly to their website by typing the full URL into your browser. At least then you can be confident that you are at the legitimate website of that business.