Phishing ExamplesWhat Does Phishing Look Like in the Real World?
Catching Phish in the Wild
Modern phishing attacks are sophisticated, targeted, and dangerously convincing. Fake login pages, bogus security alerts, or even malicious text messages can perfectly mimic the branding and tone of the legitimate companies they’re impersonating.
In this article, we’re going beyond the theory. Take a look at these real-world examples of phishing attacks for an idea of what a scam may look like “in the wild.”
Phishing
Phishing involves a scammer attempting to deceive unsuspecting victims into voluntarily divulging sensitive information. An estimated 90% of cyberattacks begin with a phishing attempt. Here’s what you need to know about these attacks and how you can protect yourself.
FACC CEO Fired After Phishing Attack Causes Company to Lose 42 Million Euros
In January 2016, attackers posing as then-CEO Walter Stephan of FACC AG, an Austrian aerospace and defense company, sent a single email instructing an employee of the company to transfer roughly €50 million for an “acquisition project.”
The employee took the bait and transferred the funds. Though the company was able to recover about €10.9 million, the bulk of the damage was done.
In its annual financial report, FACC recorded a €41.9 million loss over the incident. Walter, who had been CEO for the last 17 years, was terminated after “the supervisory board came to the conclusion that Mr. Walter Stephan has severely violated his duties, in particular in relation to the ‘fake president incident.’”
Phishing Email Aimed at Electric Company Causes 230,000 Customers to Lose Power
In December 2015, electricity distribution company Kyivoblenergo, which served two western regions in Ukraine, was targeted in a cyberattack involving spear phishing emails.
The malicious emails were laden with BlackEnergy 3 (BE) malware, a notorious trojan horse that included data-wiping virus KillDisk. Once installed, the malware would erase data from the infected machine’s hard drive, making data recovery impossible.
This incident, then the first successful cyberattack aimed at a power grid, caused 30 of the company’s substations to shut down for 3 hours. As a result, an estimated 230,000 people lost power, and roughly 73 MWh of electricity — about 0.015% of Ukraine’s daily electricity consumption — was not supplied.
The attack was ultimately attributed to Sandworm, a state-sponsored cyberwarfare unit.
Ubiquiti Networks Nearly $39 Million in Whaling Attack
On June 15, 2015, Ubiquiti Networks experienced a whaling (or “whale phishing”) attack involving the impersonation of one of the company’s senior executives.
In an 8-K filing with the US Securities and Exchange Commission (SEC), the company disclosed a breach that “involved employee impersonation and fraudulent requests from an outside entity targeting the company’s finance department.” A review determined that the attack didn’t involve any actual employees, meaning it was a phishing attack carried out by a third party.
As a result of this business email compromise scam, Ubiquiti experienced fraudulent wire transfers “...of funds aggregating $46.7 million.”
The company ultimately recovered $8.1 million of the amount transferred, making for a substantial financial hit. In total, the company lost the difference — roughly $38.6 million — in the cyberattack.
