According to Wordspy, the term phishing comes from the fact that attackers are "fishing" for data. Why "ph"? Wordspy says something about using so
In the past, phishing attacks usually appeared as e-mail from some legitimate company; Citibank and PayPal are frequent targets, for example. The e-mail usually says something to the effect that the company is reverifying account information and needs you to re-enter it. The e-mail will either have a link to a similarly fraudulent Web site or perhaps an HTML form directly in it.
Plenty of people fall for these e-mails, even though its not hard for a more-sophisticated user to see right through them. I found it easy to tell that the Citibank e-mail about my account was phony since Im not a Citibank customer. However, many people who receive such e-mails must assume that some mistake was made and chalk it up to mega-corporate incompetence.
Ive received many such messages myself, and in almost every case by the time Ive received the e-mail, the corresponding Web site is already down. Thats because the big companies that are targeted by these attacks are pretty good at contacting (threatening) the hosts of the offending pages and persuading them take the page down.
At the same time, there are a few things you can look at for guidance if you suspect youre being phished. The first thing to look for is if the message asks you to send personal information directly in e-mail. This is a really bad idea, although its not actually proof that the requestor is a scammer.
I once had a hosting account at Hostway and contacted technical support. The support person actually asked me in e-mail for my username and password. That was the moment that I decided to take my hosting business elsewhere.
If the message doesnt come from an address at the company it supposedly represents, thats also suspicious, but not dispositive. Sometimes real companies will hire third parties to send out bulk mailings for them. There are good ways and bad ways to handle this of course, but it means you have to dig a little deeper.