The History of Phishing

April 04, 2023

Phishing attacks have recently hit alarming levels, with one million in a single quarter recorded for the first time in 2022. Today, almost 91% of cyberattacks start with phishing emails, and the situation is expected to worsen. Anyone using email, text messaging and other digital communication methods is a potential target of phishing attacks. In fact, scammers send an estimated three billion phishing emails every day. While phishing attacks have proliferated in recent years, it is not a modern phenomenon. Criminals have used phishing techniques to trap their targets for decades. Read on to learn all about the origins, history and evolution of phishing.

Are you doing everything you can to avoid email-based cyberattacks? This checklist helps you make sure. GET IT>>

How did phishing begin?

The exact origin of the first phishing message can be tricky to pin down. A phishing technique was first described in a paper by the International HP Users Group, Intertex, in 1987. Phishing gained widespread notice in an early attack that spread malware called the Love Bug. The attack surfaced on May 4, 2000, when a malicious message titled “ILOVEYOU” popped up in mailboxes around the world. Attached to the message was a harmless-looking .txt file entitled LOVELETTER. However, when it was opened, the file unleashed a worm that would overwrite image files and send a copy of itself to all the contacts in the victim’s Outlook address book. A few years later, the first known phishing attack on eCommerce websites started with the E-Gold website on June 2001. 

When did the first major phishing attack take place?

AOL (America Online) users were the first targets of a major phishing attack back in the 1990s. At the time, AOL was the No. 1 internet access provider, making it an obvious choice for cybercriminals. Scammers started AOL phishing attacks by stealing users’ credentials and using algorithms to create randomized credit card numbers. The random credit card numbers were used to open AOL accounts that were then used to spam other AOL users through the AOL instant messenger and email systems. Most of these messages would ask users to verify their accounts or confirm their billing information. Since phishing was not a widely known threat back then, most people fell for these traps. Eventually, AOL started including warnings on its email and instant messenger clients to keep people from divulging sensitive information through such methods. 

a laptop screen showing a message telling the user that their files have been encrypted

Learn more about the 5 most damaging email-based cyberattacks businesses face today. GET INFOGRAPHIC>>

Where did the term phishing originate from?

Famous hacker and spammer Khan C. Smith is credited to have coined the term phishing. He first introduced the term “phishing” in the Usenet newsgroup after AOL rolled out measures to prevent using fake, algorithmically generated credit card numbers to open accounts. Many experts also believe that the first recorded mention of phishing was found in the hacking tool AOHell — a program designed by a teenager under the pseudonym Da Chronic to launch phishing attacks on the AOL portal. 

Why is phishing spelled with a ph?

The “ph” spelling of phishing is influenced by an earlier word for an illicit act: phreaking, which involves fraudulently using an electronic device to avoid paying for telephone calls. The people who perpetrated phreaking were called “Phreaks,” and since phreaks and hackers were closely linked, the “ph” spelling was used to denote the phishing scams involving these underground groups. 

phishing in silver on a pink background on top of a skull and crossbones

Is your email security solution really getting the job done? This checklist helps you find out! GET CHECKLIST>>

How has phishing changed over the years?

Even though the goals of phishing scams haven’t changed, phishing scams have changed and evolved greatly over the years as cybercriminals seek new ways to get around security measures as well as a wider awareness of phishing among internet users. Phishing scams have evolved into one of the most devastating cyberattacks over the years, resulting in severe losses for multiple organizations across sectors. Phishing is the gateway to other devastating cyberattacks like ransomware, business email compromise (BEC), account takeover (ATO) and other attacks. According to Google, 9 in 10 cyberattacks start with a phishing email. The biggest names in the tech industry, like Google and Facebook, have been victims of phishing attacks, resulting in millions of dollars in losses.

Now, let’s dive deeper and understand how phishing has evolved in the last two decades.

2000s – Phishing becomes mainstream 

Although phishing scams started in the 1990s, it was during 2000-2010 that phishing started taking the shape of the devastating attack we know today. While phishing attacks were in their nascent stage during the first half of the decade, it was only during the second half that phishing scams started to become a common occurrence. These attacks surged mainly due to the proliferation of eCommerce and online payment systems like eBay and PayPal. For instance, hackers emailed PayPal users, asking them to update their credit card details but stole their details instead. Phishers also started registering dozens of domains that looked like legitimate websites of famous eCommerce and online payment systems. 

Specialized software also started emerging during this period to handle phishing payments, making phishing a fully organized part of the black market. In 2008, Bitcoin and other cryptocurrencies were launched, allowing secure and anonymous financial transactions, and taking phishing activities to a new level.

Due to a lack of information and awareness, cybercriminals were able to successfully launch phishing attacks on many organizations across sectors in the 2000s. Between May 2004 and May 2005, about 1.2 million users in the U.S. suffered losses due to phishing attacks, totaling approximately $929 million. 

Get the guide that helps you detect & defeat dangerous BEC attacks to keep your company out of trouble! DOWNLOAD IT>>

2010s – Phishing proliferates and adapts

While financial gain is the prime motive of phishing attacks, cybercriminals have expanded their horizons to several other areas after 2010. Ransomware attacks using phishing techniques were the most significant development during this decade. In September 2013, the first cryptographic malware, Cryptolocker ransomware, infected 250,000 personal computers. Since then, ransomware and other malware attacks have become a menace for organizations across the globe.

Many phishing attacks have also been launched for political gain. A case in point is the phishing email that hacked Hilary Clinton’s campaign chairman John Podesta’s Gmail account in 2016. The phishing email prompted the user to change his compromised password using a malicious link, giving hackers access to his account. The same technique was also used to hack Colin Powell’s and Democratic National Committee emails. 

In this period, cybercriminals also started leveraging advanced tools to ensure maximum success for their phishing campaigns. They started adopting HTTPS more often, giving users a false sense of security. Many attackers started using the PowerShell tool to hide malicious scripts in the pixels of benign-looking image files, enabling them to evade detection and stay under the radar. The growth of social media also fueled the fire by offering cybercriminals a treasure trove of sensitive information. 

Learn how to add more hands to your security team without adding to your headcount. FREE EBOOK>>

Stop phishing attacks with Graphus

Social engineering is the prime component of almost all phishing attacks. That’s why you need Graphus to repel any kind of social engineering lure. It is the world’s first AI-driven email security solution that blocks phishing attacks before they are ever seen by employees. Graphus uses patented AI technology to spot and stop dangerous phishing messages, including sophisticated attacks that use social engineering. Graphus puts three layers of defense between a phishing email and your employees and automatically monitors communication patterns between people, devices and networks to reveal untrustworthy emails, making it a simple, powerful and cost-effective phishing defense solution for organizations. 

Here are some of the features that make Graphus the best email security solution:

  • Blocks sophisticated phishing messages before employees can interact with them  
  • Puts three layers of protection between employees and phishing email messages  
  • Seamlessly deploys to Microsoft 365 and Google Workspace via API, without email traffic rerouting or lengthy installs
  • Provides intuitive administration and precise reporting to help you gain insights into the effectiveness of your security, level of risks, attack types and more 

Book a demo of Graphus to protect your organization from cybercrime.

Stay safe from even the most sophisticated cyberattacks and social engineering scams

Put the powerful TrustGraph® AI of Graphus to work for your business, and in minutes you’ll get a powerful, easy-to-use, and customizable EmployeeShield® against phishing attacks.
Get a Demo of Graphus