8 Examples of Real Social Engineering Attacks

Gauloran

1. $100,000,000 Phishing Scam Targeting Facebook and Google
Evaldas Rimasauskas, a Lithuanian national, ran the largest social engineering campaign ever (as far as we are aware) against Google and Facebook, two of the biggest companies in the world. Rimasauskas and his group established a phony business, posing as a computer manufacturer that worked with Google and Facebook. Rimasauskas also opened bank accounts in the business's name. The con artists then sent phishing emails to specific Google and Facebook employees, invoicing them for goods and services that the genuine manufacturer had actually provided, but instructing them to pay the money into the fraudulent accounts. Rimasauskas and his associates defrauded the two tech giants of more than $100 million between 2013 and 2015.

2. Phishing scam using convincing emails impersonating the US Department of Labor
According to Bleeping Computer, the US Department of Labor (DoL) was impersonated in January 2022 in a sophisticated phishing campaign that sought to obtain Office 365 credentials. The fraud is a notable illustration of how effective phishing attempts have become.

To imitate the DoL's email address, the attackers used two different techniques: spoofing the real DoL email domain (reply@dol[.]gov) and purchasing lookalike domains like "dol-gov[.]com" and "dol-gov[.]us". Using these domains, the phishing emails were able to get past the security gateways of the target companies.

The emails urged recipients to submit a bid for a government project and featured official DoL branding and professional writing. A "Bid Now" button was embedded in a three-page PDF that purported to provide the bidding guidelines.

When targets clicked the link, they were taken to a phishing website hosted at a URL like bid-dolgov[.]us but masquerading as the legitimate DoL website. Users were asked to provide their Office 365 login information on the bogus bidding website. Even after the first entry, the website displayed an "error" message to make the target re-enter their credentials, reducing the likelihood that they had been typed incorrectly.

It's simple to understand how even a cautious worker could be duped by such a scheme, but the issue would not have existed if the targeted company had better email security protocols in place.
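The two sender tricks described above call for two different checks at the mail gateway. The following is an added example, not part of the original post: it treats a message from the exact trusted domain as spoofed unless DMARC passed, and flags lookalike registrations by comparing squashed domain names. The `TRUSTED` set, the `classify` function and the DMARC result strings are assumptions made for illustration.

```python
TRUSTED = {"dol.gov"}  # domain named in the article; add your own partners here

def refang(domain: str) -> str:
    """Undo the defanging used in reports: 'dol-gov[.]com' -> 'dol-gov.com'."""
    return domain.replace("[.]", ".").lower().rstrip(".")

def squash(domain: str) -> str:
    """Keep only letters and digits, so 'dol-gov' and 'dol.gov' both become 'dolgov'."""
    return "".join(ch for ch in domain if ch.isalnum())

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(sender_domain: str, dmarc: str) -> str:
    """dmarc is the verdict the receiving server recorded (assumed: pass/fail/none)."""
    d = refang(sender_domain)
    if d in TRUSTED or any(d.endswith("." + t) for t in TRUSTED):
        # Exact domain: only authentication separates real mail from a forged From.
        return "trusted" if dmarc == "pass" else "spoofed"
    # A lookalike can pass DMARC (its owner controls its DNS), so compare the name.
    forms = (squash(d), squash(d.rsplit(".", 1)[0]))  # with and without the TLD
    for key in map(squash, TRUSTED):
        if any(key in f or edit_distance(f, key) <= 1 for f in forms):
            return "lookalike"
    return "unrelated"

# Constructed samples: domains quoted in the article plus one unrelated control.
SAMPLES = [("dol[.]gov", "fail"), ("dol[.]gov", "pass"), ("dol-gov[.]com", "pass"),
           ("dol-gov[.]us", "none"), ("bid-dolgov[.]us", "none"), ("example[.]org", "pass")]

def run_samples() -> list:
    return [classify(d, r) for d, r in SAMPLES]

if __name__ == "__main__":
    for (d, r), verdict in zip(SAMPLES, run_samples()):
        print(f"{d:18} dmarc={r:5} -> {verdict}")
```

An edit-distance threshold of 1 is noisy for very short trusted names, so tune it per domain before alerting on it.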

3. Russian hacking group targets Ukraine with spear phishing
Microsoft issued a warning in February 2022 about a new spear phishing campaign by a Russian hacking group targeting Ukrainian government offices and NGOs, as world leaders discussed the best course of action in the increasingly tense situation between Russia and Ukraine.

The Gamaredon-affiliated gang, which Microsoft has identified as ACTINIUM, is said to have been focusing on "organizations critical to emergency response and ensuring the security of Ukrainian territory" since 2021.

Gamaredon's campaign starts with spear phishing emails that carry malware. The emails also contain a tracking pixel that lets the attackers know whether the message has been opened.

The incident serves as a crucial reminder of how cybersecurity is becoming a more critical factor in international conflicts and how every organization should be taking precautions to strengthen their security posture and guard against social engineering assaults.

4. Deepfake Attack on UK Energy Company
A caller who sounded just like the CEO of a UK energy supplier called the CEO in March 2019. The conversation was so convincing that the CEO transferred $243,000 to a "Hungarian supplier", but the bank account belonged to a con artist.

This "cyber-assisted" attack may seem like it belongs in a science fiction film, but it is not an emergent threat, says Nina Schick, author of "Deep Fakes and the Infocalypse: What You Urgently Need to Know": "This danger is present. Now."

Watch Nina's conversation about deepfakes with FBI Supervisory Special Agent Elvis Chan to discover more about how hackers utilize AI to imitate speech patterns.

5. $60 Million CEO Fraud Lands CEO In Court
Chinese aircraft parts maker FACC lost close to $60 million in a so-called "CEO fraud scam" in which con artists pretended to be senior executives and duped staff members into sending money. Following the event, FACC spent further funds attempting to sue its CEO and finance director, claiming they had not put sufficient internal security procedures in place.

Though the case was unsuccessful, it serves as a crucial reminder that cybersecurity is a matter of paramount importance for all businesses. In fact, according to Gartner, CEOs may be held personally accountable for breaches by 2024.

6. Microsoft 365 phishing scam steals user credentials
Security experts identified a Business Email Compromise (BEC) scam in April 2021 that deceives the recipient into installing malicious software on their device. The attack works as follows, and it's actually rather clever.

The target receives a blank email with the subject line "price revision." Attached is a file that looks like an Excel spreadsheet (.xlsx), but the so-called "spreadsheet" is really an .html file.

When opened, the disguised .html file sends the target to a website containing malicious code. The code triggers a pop-up message telling the user that they have been logged out of Microsoft 365 and asking them to re-enter their login information.
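A mail filter can catch the disguised attachment described above by comparing what the filename claims with what the bytes actually are. The following is an added example, not part of the original post: it parses a message with Python's standard `email` package and flags Office-named attachments that are not ZIP containers, as well as double extensions ending in HTML. The sample message and its filenames are constructed for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

OOXML_EXT = (".xlsx", ".docx", ".pptx")  # Office Open XML files are ZIP containers
ZIP_MAGIC = b"PK\x03\x04"

def sniff_html(data: bytes) -> bool:
    """Rough content sniff: does the payload start like an HTML document?"""
    head = data[:256].lstrip().lower()
    return head.startswith((b"<!doctype html", b"<html", b"<script", b"<body"))

def audit_attachments(raw: bytes) -> list:
    """Return (filename, reason) for attachments whose name and content disagree."""
    findings = []
    msg = message_from_bytes(raw, policy=policy.default)
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        data = part.get_payload(decode=True) or b""
        if name.endswith(OOXML_EXT) and not data.startswith(ZIP_MAGIC):
            kind = "HTML" if sniff_html(data) else "non-ZIP data"
            findings.append((name, f"Office extension but content is {kind}"))
        elif name.endswith((".html", ".htm")) and any(e + "." in name for e in OOXML_EXT):
            findings.append((name, "double extension ending in HTML"))
    return findings

def constructed_sample() -> bytes:
    """Constructed message modelled on the article's description; not a real capture."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = "a@example.com", "b@example.com", "price revision"
    m.set_content("\n")  # blank body, as in the article
    ooxml = "vnd.openxmlformats-officedocument.spreadsheetml.sheet"
    m.add_attachment(b"<html><body>constructed placeholder</body></html>",
                     maintype="application", subtype=ooxml, filename="price_revision.xlsx")
    m.add_attachment(b"<html></html>", maintype="application", subtype="octet-stream",
                     filename="quote.xlsx.html")
    m.add_attachment(ZIP_MAGIC + b"\x00" * 26, maintype="application", subtype=ooxml,
                     filename="real.xlsx")  # control: starts like a ZIP, not flagged
    return m.as_bytes()

if __name__ == "__main__":
    for name, reason in audit_attachments(constructed_sample()):
        print(f"{name}: {reason}")
```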

7. Singapore bank phishing saga like ‘fighting a war’
In 2021, phishing attempts and malicious transactions targeted Oversea-Chinese Banking Corporation (OCBC) customers, resulting in losses of over $8.5 million among about 470 customers.

Helen Wong, CEO of the bank, compared her organization's struggle with the phishing attempts and subsequent fraudulent transactions to "fighting a war."

Following phishing emails they received in December 2021, OCBC customers were tricked into divulging their account information. Despite the bank taking down bogus domains and warning customers of the scam, things quickly got out of hand.

Wong explained how the hackers set up "mule" accounts to receive stolen money once the phishing campaign had taken off. No matter how quickly the bank's security team was able to close a mule account, the con artists would swiftly locate a replacement.

After bringing the phishing campaign under control, the CEO explained her dilemma: compensating customers seemed like the proper thing to do, but Wong feared it might encourage further attacks. So far over 200 customers have been compensated.

8. Ransomware gang hijacks victim’s email account
In April 2021, several employees of British train company Merseyrail received an odd email from their manager with the subject "Lockbit Ransomware Attack and Data Theft." Journalists from various publications and tech websites were also copied in.

The email, written by a fraudster posing as the company's director, revealed that Merseyrail had been hacked and had attempted to minimize the event. A photograph of a Merseyrail employee's personal information was also included in the email.

Although the method used to infiltrate Merseyrail's email system is unknown (security experts suspect a spear phishing attack), the "double extortion" used in this attack makes it exceptionally vicious.

In addition to stealing the company's personal data and demanding a ransom to return it, the "Lockbit" gang exploited its access to the company's systems to launch an embarrassing publicity campaign on behalf of Merseyrail's director.




 