The History of Phishing and How to Remain Protected
By: Brian Wallace
Although the earliest forms of electronic mail trace back to 1965, e-mail was never intended to be secure. That is, however, because there was never anything to secure email from. The service of electronic mail lingered problem-free until the infancy of spam, and later, phishing. Today, 92% of malware is delivered via email; simultaneously, spam makes up over half of all emails. The underlying question is: how did the epidemic begin?
Phishing is a complex topic for those unfamiliar with technology and cybersecurity. In short, phishing is when a hacker tricks someone into giving them money or account access over email. Pretending to be a trusted colleague or brand, they fool the victim. Saying this, it is important to know how phishing derived.
Phishing is a form of spam. In 1978, Gary Thuerk sent the first mass, spam email to 397 ARPANET users. ARPANET was essentially the foundational platform email was built on. Thuerk’s spam move was so infamous, no one tried it again until 1988 when gamers got ahold of spam knowledge. Multi-user dungeons (MUD) games were extremely popular in these times, and high-tech skilled players began spamming their rivals’ accounts with junk email to crash their systems and prevent them from playing.
In 1993, Richard Depew became the first person to refer to “junk mail” as “spam” in reference to a Monty Python skit sharing the same name. The following year, the second attempt at mass spamming was made by a set of lawyers with a desire to advertise their business. In the end, Laurence Canter and Martha Siegel wrote a book defending the practice of spam.
At this point in history, spam was not seen as a security threat, but instead a mere annoyance. This is, until, phishing came along. The Warez community began using random credit card generators in the 1900s, stealing and hacking accounts of AOL users to open fake accounts. This grew so out of hand that AOL even stepped in, introducing new security measures that stopped the use of randomly generated credit card numbers in 1995; but by that time, the Warez community had already moved on to a new scam.
In 1996, the term “phishing” was officially created by a user in an AOL messaging forum: “AOL for free?,” alt.2600, January 28, 1996. The message read, “It used to be that you could make a fake account on AOL so long as you had a credit card generator. However, AOL became smart. Now they verify every card with a bank after it is typed in. Does anyone know of a way to get an account other than phishing?” – @mk590.
Phishing has never had a problem moving with time. As we are in the “cloud” era of time, phishing has quickly adapted. As email has become the weakest link in middle-manning phishing attempts, there are ways to protect your data in addition to what comes with your email account. Starting with DMARC, SPF, and DKIM tools could be great methods to preserve your data.
Becoming a victim of phishing can truly happen to anyone. Interestingly enough, in 2018, the FBI received nearly 50,000 reports of phishing and compromised email. In summation, this racked up a $1.8 billion cost. Staying protected starts with knowing the technology in front of you.
Courtesy of Avanan