In the mid-1990s, a new word entered the language. This quirky, harmless-looking term simply replaced the ‘f’ in ‘fishing’ with a ‘ph’. Yet the activity it described was blatantly criminal – the distribution of electronic communications ostensibly from a trustworthy source, but actually designed to dupe recipients into giving away their bank account or credit card details, usernames and passwords to computer hackers.
Since those early days, though, phishing has remorselessly evolved, diversifying and steadily transforming into an umbrella term with a multiplicity of evolutionary offshoots – each of which represents a subtly different weapon wielded by today’s highly professional cyber-criminal fraternity.
Whatever the phisher’s precise purpose, every time they succeed, one thing is absolutely certain. An organisation somewhere in the world stands to suffer a brutal blow to its balance-sheet, market share, investor confidence and/or corporate reputation. Phishing is far from being a victimless crime.