The history and present situation of phishing attacks
As early as 1987, a phishing technique was described in papers and briefings delivered to the international HP user group, Interex. The word "phishing" was first mentioned in the alt.online-service.america-online Usenet newsgroup in 1996, although the term may have appeared earlier in the print edition of the hacker magazine 2600. Phishing on AOL was closely tied to the warez community that exchanged pirated software. After AOL took measures at the end of 1995 to prevent accounts from being opened with forged, algorithmically generated credit card numbers, AOL crackers turned to phishing to obtain legitimate accounts.

A phisher might pretend to be an AOL employee and send an instant message to a potential victim, asking him to disclose his password. To induce victims to give up sensitive personal data, the message typically contained wording such as "verify your account" or "confirm billing information". Once the victim's password had been disclosed, the attacker could take over the victim's account and use it to commit fraud or send spam. Both phishing and warez activity on AOL generally required custom-written applications, such as AOHell. Phishing became so common on AOL that the company added a statement to all its instant messages: "AOL employees will not ask for your password or billing information."

After 1997, AOL took notice of phishing and warez and tightened its policy enforcement, forcing pirated software off AOL servers. At the same time, AOL developed a system that could quickly deactivate accounts involved in phishing, usually before the victims could react. The shutdown of the warez scene on AOL caused most phishers to leave the service, and many phishers, usually teenagers, grew out of the habit as they got older.

More recent phishing has targeted customers of banks and online payment services. E-mails purporting to come from the IRS have been used to collect sensitive data from American taxpayers. Although the first such messages were sent indiscriminately, in the hope that some recipients would be customers of a given bank or service and disclose their data, recent research shows that phishers can in principle determine which banks potential victims use and send fake e-mails accordingly. Targeted phishing is called spear phishing. Recently, some phishing attacks have been aimed at senior managers and other targets within large enterprises, and the term "whaling" has been coined to describe this type of attack.

Social networking sites are targets of phishing attacks because the personal details on these sites can be used for identity theft. At the end of 2006, a computer worm took over pages on MySpace and modified their links to direct visitors to websites designed to steal login information. Experiments show that the success rate of phishing on social networking sites is above 70%.

In 2006, almost half of phishing thefts were confirmed to be controlled by the Russian Business Network group in St. Petersburg.