written by: Ashwin Satyanarayana•edited by: Rebecca Scudder•updated: 8/14/2008
Phishing is the simple act of "fishing" for your information -- be it personal or financial. It is now turning out to be exceedingly dangerous, causing a combined loss of thousands of dollars to both individuals and businesses. This article takes a peek into the history of phishing.
slide 1 of 3
Phishing as a resident PC evil
Once upon a time, a bunch of geeks with spurious intent went about shooting some text-heavy emails to undiscerning recipients who were, as usual, curious and naive enough to read them. Little did they know that these emails had been sent to “phish" for their confidential information. “Phish" comes from “fish"– although we needed something else to distinguish the necessary and innocuous “fishing" from the malevolent practice of “Phishing"- which brings in a little of “ph" to the term.
The term was originally coined in 1996, when a team of hackers were said to have termed this activity as “phishing" while they were engrossed in hacking some AOL accounts and scamming passwords from those unsuspecting AOL users. We wish things had stayed at this level of activity, but it has gone far beyond this today.
Until late 1997, the media didn’t make an official reference to phishing activity. When a bunch of AOL accounts were called “phish", this used to be some sort of an electronic currency among the world of hackers – they could use this currency to trade, say 20 phish for a piece of software or for another phish, as per the hackers’ needs.
Unsuspecting consumer data as Electronic Currency? – It’s just the beginning!
Florida Time Union, on March 16, 1997 had to say this about phishing “The scam is called Phishing, as in fishing for your password, but spelt differently" – said Tatiana Gau, VP of integrity assurance for online service.
In the due course of time, as we know, phishing has obviously matured, grown sophisticated and now become exceedingly elite in what it attempts to do. It isn’t about scamming people for passwords alone. It has now expanded its range and the scope of activity is now rather blurred due to the expansive range of malicious activities it seems to have under its aegis –from sending emails to provoke people to give out their confidential data – personal, financial and business; it has evolved into payload embedding, Trojan attacks, Man in the Browser Attacks (MITB) and Man in the Middle attacks. (MITM). While it started out attacking AOL users, it now attacks every one – from unsuspecting individuals to huge financial Institutions, banks, trading companies and other businesses.
Phishing is everywhere and the bait is all around us. When it bites you, you bleed.