Phishing and spear phishing attacks are relatively simple to conduct but can have devastating consequences. In order to conduct a phishing attack, a hacker sends a seemingly innocent email to a member of an organization. This email may appear to contain important information or lead to a legitimate login page. When an organization members click on a link within the offending email, they will be directed to a bogus site. This site will either harvest their login details or install malware onto their computer. Alternatively, a phishing scam can simply involve requesting sums of money in such a way that the request seems legitimate enough to process. Phishing scammers have made millions of dollars simply by asking for money while posing as genuine contractors or company departments. Over the years, some phishing scams have stood out from the crowd in terms of audacity. Here are three of the most infamous phishing attacks in recent history.
The Google And Facebook Scam
Between 2013 and 2015, an ambitious Lithuanian hacker managed to steal over 100 million dollars from Google and Facebook. The hacker sent emails that contained invoices from a fake computer parts company, which Google and Facebook willingly paid. The scam worked for years, but the game eventually caught up with the hacker, who was extradited to the USA. More and more companies have invested in bringing in help from cybersecurity groups like cybertalk.org in an effort to prevent similarly costly attacks.
The DNC Hack
In the run-up to the 2016 presidential election in the United States, the Democratic National Congress was hacked, and a great deal of sensitive information was leaked. The DNC leaks arguably had a tangible impact on the result of the election – which was won by the Republican Party candidate Donald Trump. Senior figures in the DNC were sent emails that appeared to contain security update information and important statistics. When links within these emails were clicked, hackers were able to gain access to confidential files. The culprits behind this phishing attack are believed to be connected to the Russian state, which was actively seeking to help the election campaign of Mr. Trump. The Russian Federation actively uses phishing and other hacking methods to influence international politics. In this instance, they had a great deal of success.
2015 Ukrainian Power Grid Attack
An equally ambitious attack that made use of phishing occurred one year earlier in 2015. An email sent to a power grid worker in Ukraine installed malware onto a network that enabled the automation of a complete shutdown. Two hundred thirty thousand power consumers in the Eastern European country were deprived of power as the grid was completely taken offline. In 2014 the Russian Federation had annexed the enclave of Crimea and begun supporting rebels in the Donbas region. This naturally meant that fingers started wagging in the direction of Moscow. The Ukrainian government squarely blamed Russian hackers, although some analysts were wary of identifying a perpetrator. Once again, it appears that hacking was being used as a means to punish political enemies.