Secucert

What is Phishing?

Any regular netizen has already come across phishing multiple times, and most are introduced to it through spam emails. In most instances, these are fake emails that appear to come from an authority (bank, PayPal, IRS, state) and try to lead the recipient to provide sensitive personal information on a phishing website whose URL resembles that of the actual authority's website. Phishing is commonly combined with email spoofing, and it is also common in instant messengers.

As with the word "fishing", these emails or messages are meant to bait people into leaving their personal information, credit card information, logins and passwords on a phishing website. In general, the activity is conducted by cybercriminals whose final intent is to empty the victims' credit cards or steal their identity for other fraudulent activities.

When did phishing start?

The first noted phishing activity was in 1987, although the term itself became popular after 1996. In the mid-nineties, AOL was known to have witnessed a large number of online crimes. The occurrence was attributed to lackadaisical sharing of pirated software, where hackers feasted on getting credit card details. Since then, many attempts to stop phishing have taken place. But the phishers were quick and wise as well. They devised new means of carrying out fraudulent online transactions, leaving AOL users helpless.

As AOL then imposed very rigid systems to safeguard users, the phishers turned to other institutions such as banks, credit card companies and others.

Early schemes and phishing techniques

Over the years, there have been thousands of noted phishing techniques, most of them witnessed only by the victims. Because phishing usually takes place over the World Wide Web, the rise of online purchases and services puts every Internet user at risk. Terms such as 'spear phishing' and 'whaling' describe activities largely similar to the main phishing activity. 'Spear phishing' methods have victimized customers of banks or services in bulk. On the other hand, phishing attacks targeting people with higher business profiles have become known as 'whaling'.

Phishing at social network sites

These days, the most obvious form of phishing is through social networking sites such as Facebook, Twitter and MySpace. With millions of users providing personal information in their profiles, many fall victim to identity theft. Often, Internet users are led to websites that record their login details. Others are lured into using applications that allow fraudulent software to access sensitive personal information in the users' accounts.

The continuing fight against phishers

Much damage has been caused by phishing. Mostly, the victims are people and organizations that aren't as aware of how phishing works. In the United States alone, millions of dollars are reported each year as losses to businesses due to phishing. Indeed, it is something that needs to be reduced. But it has been a tumultuous battle, since the phishers are also intelligent, crafty and persistent. Many governments have imposed cybercrime measures to end the fight, and there are also various technologies designed to ward off phishing activities. Even the leading browsers have made huge investments to provide phishing protection.

On the technical side, phishers can be beaten with the use of browsers that send out alerts when websites are found to be phishing. The problem is that this usually comes after there are already a few victims who reported it. Banks and big companies offering services and products online have also taken action on the matter. Examples of their moves are added login requirements and complex steps to ensure that their clients are actually the ones logging in, not the phishers. So far, many would-be scams have been prevented by these anti-phishing actions.

You need to take part against phishing

For Internet users, it's always best to be well-informed about phishing to avoid being scammed. For starters, users must always be on guard against spam and know which emails to delete immediately. Have your online accounts, bank and other billing statements checked periodically to make sure no phisher has made transactions.

One can also avoid phishing dangers by not clicking on links, downloading files or opening email attachments from people or companies they don't know. As phishers are always on the watch, one can avoid their modus operandi by always keeping the computer protected. This can be done with spam filters, antivirus and anti-spyware software. Also, when submitting personal information, one should first make sure that it is only sent to secure and identified websites, or given over the phone where the user initiated the call.
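The advice to send information only to secure and identified websites, and the earlier point that phishing sites use a URL similar to the real one, can be turned into an automated link check. The following is an added example, not part of the original article; the `TRUSTED` list, the `examplebank.example` domain and the function names are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumption: constructed allowlist of sites the user really does business with.
TRUSTED = {"paypal.com", "examplebank.example"}

def edit_distance(a, b):
    """Levenshtein distance between two strings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # delete from a
                           cur[j - 1] + 1,             # insert into a
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]

def classify_link(url, trusted=TRUSTED):
    """Return 'trusted', 'insecure', 'lookalike' or 'unknown' for a link."""
    parts = urlsplit(url)
    # .hostname drops any "user@" prefix, so paypal.com@other.example is
    # judged by the host the browser would really connect to.
    host = (parts.hostname or "").lower().rstrip(".")
    # Exact match, or a genuine subdomain of a trusted domain.
    if any(host == d or host.endswith("." + d) for d in trusted):
        return "trusted" if parts.scheme == "https" else "insecure"
    labels = host.split(".")
    tokens = {t for label in labels for t in label.split("-")}
    for d in trusted:
        brand = d.split(".")[0]
        # Brand name reused in another domain: paypal.com.account-check.example
        if brand in tokens:
            return "lookalike"
        # Near-miss spelling of the trusted domain: paypa1.com
        if len(labels) >= 2 and edit_distance(".".join(labels[-2:]), d) <= 2:
            return "lookalike"
    return "unknown"
```

Only a `trusted` result means the host is on the allowlist and the connection uses HTTPS; `unknown` means the link resembles nothing on the list, not that it is safe.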