WebProNews

The History Of Phishing (And Spam)

Having a spam email show up in your inbox nowadays is most of the time a harmless annoyance and we don’t really pay attention to them nearly as much as we used to. Spam has always been unpopular, but at one point it made the transition to phishing and has been a major problem ever since.

The internet started as MIT’s Compatible Time-Sharing System, which stored shared files on a central disk and users logged in from remote terminals to access these files in 1965. In 1971, the prototype internet called ARPANET got the @ symbol, letting users send messages to specific users and help differentiate computers, and thus email was born. In 1976, Queen Elizebeth II became the very first head of state to send an email. 

It would take another year for the first standard email to be sent, which is an email with a field for “To” and “From” and also the ability to forward messages but only a year after that for the very first mass email was sent. It was sent to 397 users in 1978, and was so unpopular that no one would try again for over a decade. In 1988, “spamming” was a prank played by players of multi-user dungeons (MUD) games. MUDers would flood their rival’s accounts with junk mail, preventing them from playing and crashing their systems. The term “spam” referring to junk emails was first said by Richard Depew, referencing a Monty Python skit of the same name. The second major attempt at mass marketing spam was in 1994 when 2 immigration lawyers sent a mass message advertising their services. But because email was not designed to be secure, spamming went from annoyance to major security threats when it turned to phishing.

In the 1990’s the Warez Community used randomly generated credit card numbers to open AOL accounts. Using hacked accounts they could send more phishing messages to the victim’s contacts. AOL quickly introduced new security measures that stopped the use of generated credit card numbers, but Warez was a step ahead. They pretended to be AOL admins requesting logins from other users, and the spamming game grew from there. 

The ILOVEYOU virus was the first spam that could send itself to other users. The Sirecam virus copied itself into existing files, making it harder to catch. The MiMail computer worm made it look like the emails it sent were from a trusted company. With each scam, phishing attempts became more sophisticated and believable. The John Kerry Fundraiser was a phony email sent that appeared to be part of John Kerry’s presidential campaign but instead of the donations that were sent in response to the email going to the campaign, it instead went to scammers. The Rustock botnet infected over a million computers before being finally shut down in 2011, used infected systems as a proxy server to send more emails, hijack search engine results, and even prevent access to certain legitimate websites. Many more viruses spread to thousands of machines leading to millions in damages.

Find out how to protect your email from phishing attacks and how to recognize phishing attacks before they can do any damage here.