Phishing through the years

Lately, I’ve noticed that phishing emails are hardly distinguishable from real ones. Where are the days when you could just laugh heartily at the desperate attempts of these cybercriminals? The question used to be, “Who falls for this?” when you showed a funny example to your colleague. Now the question is more, “How can I tell this is phishing?”

Filled with nostalgic feelings and longing for the good old days, I googled the evolution of phishing, a phenomenon that appeared on the digital scene as early as 1996. And that wasn’t the only interesting fact I came across. Phishing scams use fake emails and websites as bait to trick unsuspecting victims into voluntarily exposing their sensitive information. Just like you use bait to catch fish. And that’s where the name comes from. “But why is it spelled with a ‘ph’?” I hear you ask. Well, that was also traceable. Hackers were then also called “phreaks,” and “phreaking” referred to experimenting with and studying telecommunication systems by these underground groups.

In the beginning, phishers created credit card numbers using an algorithm. It sounds complicated and not really foolproof, but it turned out that they hit the proverbial jackpot often enough through the sheer volume of attempts to make it profitable. With the created fake credit cards, they opened accounts with the American internet provider AOL, and they used these to send out more phishing attempts. Until AOL put a stop to it.

ing-phishing-ezgif.com-webp-to-jpg-converter_EN

The next step was what we still encounter in phishing emails today: they posed as employees of a company and sent emails with urgent requests and threatening consequences. And yes, phishers wouldn’t be phishers if they didn’t pose as employees of the very company that thwarted their previous plans: AOL. Over the years, phishers expanded their repertoire to emails from banks, online stores, postal services, customs, tax authorities, and so on. They also got better at it, realized they needed to make fewer spelling mistakes, and started getting more creative in their attempts.

I really long for the time when I could still chuckle at the repeated message that I was the millionth visitor, no matter which site I visited, or the chance to win a €100 voucher for the local McDonald’s. Click now! Those were the days.