The term phishing has been around in computer hacker culture since the mid-1990s, where it originally referred more generally to the practice of acquiring password information in order to infringe security barriers. Its use specifically in the context of Internet-based financial crimes is more recent. The word is derived from a deliberate misspelling of fish in its verbal sense of trying to obtain information. The analogy of ‘trying to catch (a fish)’ is often carried over as well. For instance, the use of phish as a noun to refer to the e-mail which tricks the victim is related to the idea of fish as ‘bait’. Discussions of the practice often also include fishing references such as phishing lines, a phishing expedition, get caught/hooked by a phish.

The term phishing has been around in computer hacker culture since the mid-1990s, where it originally referred more generally to the practice of acquiring password information in order to infringe security barriers. Its use specifically in the context of Internet-based financial crimes is more recent. The word is derived from a deliberate misspelling of fish in its verbal sense of trying to obtain information. The analogy of ‘trying to catch (a fish)’ is often carried over as well. For instance, the use of phish as a noun to refer to the e-mail which tricks the victim is related to the idea of fish as ‘bait’. Discussions of the practice often also include fishing references such as phishing lines, a phishing expedition, get caught/hooked by a phish.