[Air-l] Spamming As "Phishing" .. ?

halavais at buffalo.edu halavais at buffalo.edu
Mon Aug 18 22:02:00 PDT 2003


Not sure exactly the sources or timing of the term, but people have 
been "phishing" on AOL for at least 6 years. AOLers were considered 
easy prey for social engineering, and circa 1997 was a period in which 
script kiddies were first coming into their own. Even those who could 
not write scripts could phone up users, saying they were from AOL, and 
have the user read their password over the telephone. They sometimes 
also asked the user for their credit card, a practice called, oddly 
enough, "carding." (Why not "karding"? Who knows.) 

Incidentally, parting people from their passwords hasn't gotten much 
harder, apparently. See 

I strongly suspect that "phishing" is simply "fishing" with the fone 
phreaks' "ph" to indicate that it was an illicit computing activity, 
rather than anything illicit having to do with Phish. Might also been 
that it was first practiced via phone, before the current email/trojan 
horse approach was taken up.


     |         Alexander Campbell Halavais         |
     |             alex.halavais.net               |
     | Assistant Professor, School of Informatics  |
     |  State University of New York at Buffalo    |

More information about the Air-L mailing list