Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!

Phishing Isn’t Fishing

By Joel Liebesfeld
May 1, 2008
The information available through search engines and other cyber sources have enhanced the prowess of the phishing criminal by making profiled lists of targets available.


One of the biggest dangers to cyber safety is Internet users who voluntarily and unwittingly give away personal information.   Specifically, there is a community of Internet pirates who elicit Internet users into divulging personal information, which is in turn used to commit some form of cyber crime against the users.

These pirates, who are also known as “phishers,” purposefully and fraudulently misrepresent themselves as some legitimate entity when in fact they are not.  Under the umbrella of the purportedly legitimate entity, the phishers induce the users into opening a gateway for extracting information from the users, which the phisers utilize for fraudulent purposes.  While phishers are not new to the Internet, what is new is the phishers’ extensive ability to permeate the personal lives of Internet users. 

Phishing criminals are scam artists.  Just as in the non-cyber world, the cyber criminals who are the most effective are those who convince their victims of the legitimacy or authenticity of something that is not legitimate or authentic.  Historically, phishers predominantly use e-mail as their conduit for perpetrating fraud.  To elaborate phishers, unbeknownst to e-mail recipients, use e-mails to induce users into opening the proverbial “Pandora’s Box.”

These e-mail addresses are often harvested using illegitimate means such as spyware and programs that trawl Web pages to capture addresses. While this use of trawling is not new, the ability of phishers to attach themselves to historically inert search engines is.  Specifically, the phishing criminal has evolved.  In earlier times, this sort of crime was literally a fishing expedition.  Unfortunately, the information available through search engines and other cyber sources have enhanced the prowess of the phishing criminal by making profiled lists of targets available, albeit illicitly.  In other words, unlike in the past, phishers can break into sites that legitimately store personal information and then can extract what is needed for mass exploitation.

Thus, euphemistically speaking, phishers are now able to steal the whole phone book as opposed to just a single phone number.  As such, the modern phishers have all the bait they need to capture the user without having to conduct a fishing expedition.   (The phishers’ acts victimize not only individuals but also legitimate businesses.)

The reality is that the preventative safeguards that exist for this type of crime are anemic.  The reason for this is primarily threefold.  First, as of now, from a legal standpoint, phishing is a crime that is regarded as something less than and distinct from its common law counterpart.  Specifically, the common law criminal act is better understood and more historically dealt with than the modern cyber criminal act.  As the reader well knows, the legislature continually struggles with defining and punishing criminal acts associated with Internet usage.  Second, phishing is an act that can be perpetuated from foreign countries and through many layers or barriers of encrypting platforms to protect the perpetrator.

As such, the criminal justice system is not only uncertain as to how to deal with phishers, but it is also presently unwilling to devote dollars to chase after elusive criminals that either may never be properly identified or may be situated somewhere where extradition is virtually impossible.  Third, there is currently no software that is completely capable of filtering data transmission. 

Is there an answer to the question as to whether the crime of phishing can be stopped?  In today’s reality, given the present levels of prophylactic technology/software, the answer is, probably not effectively.  On the other hand, the application of the time tested adages, such as let the buyer beware, remember that if something sounds too good to be true, it probably is, etc., have a lot of merit.  Thus, these authors recommend that e-mail solicitations, no matter how credible they appear, should be carefully scrutinized.  If you are not sure who an e-mail is from, the safest bet is to delete it.  After all, guarding your personal information may translate into guarding your money, property, etc., as well as serve as the best prevention against one’s life becoming chaotic.  

References
The Director of Research at SANS, Alan Paller, stated in the Journal of Counter Terrorism & Homeland Security International / Vol. 14, No. 1 magazine that, “their success level, and their ability to evade common defenses, is what’s new.”

Securing Your PC, A Complete Guide To Protecting Your Computer, Page 76 (2007).

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Joel Liebesfeld, MA, MAS, is chief executive officer with CounterMeasureSecurity.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Security Enterprise Services
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Security Enterprise Services
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Cybersecurity
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Sureview screen
    Sponsored bySureView Systems

    The Evolution of Automation in the Command Center

  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

Popular Stories

Rendered computer with keyboard

16B Login Credentials Exposed in World’s Largest Data Breach

Verizon on phone screen

61M Records Listed for Sale Online, Allegedly Belong to Verizon

Security camera

40,000 IoT Security Cameras Are Exposed Online

Security’s 2025 Women in Security

Security’s 2025 Women in Security

Red spiderweb

From Retail to Insurance, Scattered Spider Changes Targets

2025 Security Benchmark banner

Events

July 17, 2025

Tech in the Jungle: Leveraging Surveillance, Access Control, and Technology in Unique Environments

What do zebras, school groups and high-tech surveillance have in common? They're all part of a day’s work for the security team at the Toledo Zoo.

August 7, 2025

Threats to the Energy Sector: Implications for Corporate and National Security

The energy sector has found itself in the crosshairs of virtually every bad actor on the global stage.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • From Oil Rigs to Fishing Boats: Additional Terror Vulnerabilities Identified

    See More
  • shipping vessel in open water

    Fishing vessel cited for electrical hazards and poor sanitation

    See More
  • ISC First Day: TWIC Isn’t a Candy Bar; Packages Get Screened

    See More

Related Products

See More Products
  • school security.jpg

    School Security: How to Build and Strengthen a School Safety Program

See More Products

Events

View AllSubmit An Event
  • August 27, 2025

    Risk Mitigation as a Competitive Edge

    In today’s volatile environment, a robust risk management strategy isn’t just a requirement—it’s a foundation for organizational resilience. From cyber threats to climate disruptions, the ability to anticipate, withstand, and adapt to disruption is becoming a hallmark of industry leaders.
View AllSubmit An Event
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing