Famous Phishing Attacks We Can Learn From
Most of the time, hackers go after companies since they have more money and it’s easier to capitalise on the chaos. All they have to do is find a single vantage point, a weak link, and you’re in. Here are the 5 most notorious phishing assaults on businesses.
1- Belgian Crelan bank CEO scam
Scam Type: Business email compromise, Whaling
Losses: $75.8 million
What went down: In 2016, the Belgian Crelan Bank was taken advantage of in a $75.8 million business email compromise (BEC) plot.
BEC is a type of phishing attack in which attackers impersonate high-level executives to obtain what they desire (imagine receiving an email from your employer asking you to sign a document).
2- Sony’s infamous malware attack
Scam Type: Spear phishing
Losses: $83 million
What went down: In 2015, a group of hackers exploited Sony’s Network by launching an intricate campaign of spear-phishing emails.
These emails were intended for Sony’s system engineers, network administrators, and other people with access to their network. The fraud was cleverly simple: staff members were instructed to check their Apple IDs because of “unauthorised activity.” The emails also included links to phishing sites (phishing sites) that sought to obtain the victim’s credentials.
3- Facebook and Google phishing scams
Scam Type: Spear phishing
Losses: $120 million
What went down: According to Forbes, a Lithuanian hacker Evaldas Rimašauskas robbed Google and Facebook for over $120 million.
The criminal devised a plan to steal money from these firms using spear phishing. The funds were sent through Cyprus and Latvia before being routed to bank accounts across the world.
4- Ukrainian power grid blackout
Scam Type: Spear phishing
Impact: Electricity was cut off for around 225,000 people.
What went wrong: On December 23, 2015, around 225,000 Ukrainians were left without power at home as a result of an unplanned widespread blackout. Spear-phishing emails that included malware were the reason for the outage.
The power outage lasted around an hour, so it wasn’t too big of a deal, right? Because the power grid’s firmware was infected with BlackEnergy (grid-sabotaging) malware, the electricity had to be restored manually and the automatic management mode had to be turned off for a long time.
5- Colonial Pipeline shutdown
Scam Type: Phishing
Impact: Oil price inflation, panic, and a state of emergency in multiple states.
A ransomware attack caused the closure of the Colonial Pipeline, which supplies about 45% of East Coast gasoline. The malware was allegedly spread by phishing emails.
On May 7, 2021, The Colonial Pipeline announced that its 5500-mile fuel pipeline had been shut down by hackers. The attackers identified themselves as the DarkSide, a Russian hacker organisation that focuses on large businesses.
The intruders hacked into the Colonial Pipeline’s security measures using phishing and installed ransomware on its systems. The organisation was then threatened with the loss of stolen data if it did not pay a $5 million ransom.
For nearly six days, the entire East Coast was without a gasoline supply. Gas costs in the country climbed to about $2 per gallon for much of this period. The price spikes had not been seen in the United States since 2014, and they caused panic.
In response, Virginia, North Carolina, Georgia, and Florida declared a state of emergency. People were worried and forming mile-long queues at their local gas stations. In the end, the affair didn’t have much effect on the firm. The hacker group was paid $5 million as promised, and the gasoline line was restored in the process.
In Summary
Nowadays, companies are a lot more proactive when it comes to detecting and preventing scams. A lot of businesses and individuals use VPNs to make it difficult for hackers to identify you. For additional information, click here to learn more!
