What is Phishing?

Phishing is automated Identity Theft on steroids. This is the best way I can describe it.

Phishing is an attempt to obtain victims’ personal information such as user names, passwords, credit card numbers, bank account numbers, PINs, Social Security Numbers and other extremely sensitive information.

The word Phishing has a similar meaning to Fishing, except that in this case the Phishers go Phishing for sensitive information. The victim is referred to as a Phish.

The hackers love using “ph” instead of “f”; it goes back to the old days of phone phreaking.

The term Phishing was first used around 1995, when crackers were tricking AOL users into giving out their user names, passwords and credit card numbers by pretending to be AOL employees. Eventually, AOL implemented a system that would disable accounts that were involved in Phishing attacks.

But the Phishers quickly realized that they didn't need AOL; they figured they could target more people and make a lot more in profits if they pretended to be banks, online auctions, online merchants, PayPal or any other well-known entity that people are more likely to do business with.

By the end of 2003, Phishing had become a huge problem and was netting a lot of money for the crooks. Since then, Phishing schemes have become more sophisticated and slick.

Phishing emails may contain malicious links to fake websites, which look very authentic and where potential victims are prompted to “verify” their login information.

These emails may also come with “attachments” that are actually some type of spyware.

There are a few things to watch out for:

  • There is always some type of urgency or security notification.
  • The greeting is always generic; for example, “Dear Customer”, “Dear Merchant”, “Dear User”, etc.  An email from a legitimate business you have an account with will refer to you by your name.
  • There are misspellings and the sentence styling is off.
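To show how the first two warning signs, plus the “verify” link prompt described earlier, can be checked automatically, here is an added example that is not from the original post. The phrase lists, the function name `phishing_indicators` and both sample messages are assumptions constructed for illustration, and spelling is not checked.

```python
import re
from email import message_from_string
from email.policy import default

# Phrase lists are illustrative assumptions, not a vetted ruleset.
URGENCY = re.compile(r"\b(urgent|immediately|suspended|unusual activity"
                     r"|within \d+ hours?|security (alert|notice|notification))\b", re.I)
GENERIC_GREETING = re.compile(
    r"^\s*dear\s+(valued\s+)?(customer|merchant|user|member|client)\b", re.I | re.M)
VERIFY_PROMPT = re.compile(r"\b(verify|confirm|validate)\b.{0,40}"
                           r"\b(account|password|log ?in|information)\b", re.I | re.S)
LINK = re.compile(r"https?://[^\s\"'<>]+", re.I)

# Constructed sample messages (not real mail); all domains are reserved names.
SUSPICIOUS = """\
From: "Account Services" <service@bank.example>
To: pat@example.org
Subject: Security notification

Dear Customer,

We detected unusual activity. Your account will be suspended within 24 hours
unless you verify your login information here:
http://bank.example.login-check.example/verify
"""
LEGIT = """\
From: billing@shop.example
To: pat@example.org
Subject: Your March statement

Hello Pat Morgan,

Your March statement is ready. Sign in from your usual bookmark to view it.
"""

def phishing_indicators(raw, recipient_name):
    """List which of the warning signs above appear in one raw message."""
    part = message_from_string(raw, policy=default).get_body(("plain", "html"))
    text = part.get_content() if part else ""
    found = []
    if URGENCY.search(text):
        found.append("urgency")
    # A generic greeting counts only when the recipient's name never appears.
    if GENERIC_GREETING.search(text) and recipient_name.lower() not in text.lower():
        found.append("generic_greeting")
    if LINK.search(text) and VERIFY_PROMPT.search(text):
        found.append("verify_link")
    return found
```

A message that trips several indicators at once deserves a closer look; a single hit on its own is weak evidence.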

I would like to expand on this topic at some point, because there is so much more to know about how phishing works, where it comes from, who goes phishing, etc.

Please ask a specific question in the comment section and I will answer it with a video and a post.

There are a couple of great books I can recommend for further reading, which I very much enjoyed. I am a geek, what can I say.

Phishing: Cutting the Identity Theft Line (As far as technical books go, this one is an easy, breezy read.)

The Real Hackers’ Handbook: Fourth Edition  (I love this book! Dr. K rocks!)

Phishing and Countermeasures: Understanding the Increasing Problem of Electronic Identity Theft (Such a great resource!)

 

About the Author

Lana is a real-life Identity Theft Victim. Identity Theft Manifesto is a result of her own struggles to clear her credit, her name and reputation. She is on a mission to research, learn more and educate her readers about ID Theft Crime.