Comments: Any good definitions of Phishing?

Here is what it means to me (coined before I looked at the Wikipedia offering):

A speculative fraud committed via a mass emailing
which is made to appear to originate from a source
the recipient is likely to trust and which attempts
to entice them into an action advantageous to the
sender and disadvantageous to the recipient.

I'll admit that as a concocted term whose meaning has been defined by example rather than definition, interpretations may vary widely and arguing about what it should mean is as pointless as arguing about whether Pluto should be considered a planet (which was similarly decided only by decree, not logic).

I for one would never consider a pure MITM attack as phishing, because there is not necessarily any 'bait'. MITM may however be a means by which a phishing attack achieves its impersonation, but the key to it being phishing is the 'bait' message which initiates the transaction and misdirects the connection.

Some non-email based frauds may be considered phishing by some people. But I would not have understood, for example, phone based frauds to be phishing. To me that is simple fraud.

Bottom line is that without a suitable authority that accepts it as an official part of the English language and provides an official definition, it is a matter of opinion weighted by common usage and understanding.

Posted by Regards, Digbyt at February 24, 2007 08:06 AM