Phishing has infested the world in the worst possible manner. Many small businesses to individuals and big corporations are insufferable at the hand of phishing crimes. Everyone in the world is prone to phishing crimes. But awareness and street-smartness can help evade such situations. Phishers try to elicit crucial information regarding a person to extract their assets and cause financial setbacks.
One must be prudent enough to steer clear of these gimmicks. The change in online shopping becoming the new monopoly also has a lot to do with the hiking phishing crimes. People are mostly uninformed and hence fall prey to these schemes. Companies need to install attack surface management to evade such consequences.
Most times, phishers target a person’s ineptitude, insecurities and lack of judgment. Regardless of a person’s stature or post, these attacks are devised to cause financial ruin. They manipulate and influence people into performing tasks. Before commencing a task, they may coax people into transferring significant sums of money and tell them that it is a prerequisite. It is utterly naive to fall to these schemes because no respected company will ask their customers for money to participate in a contest.
One of the most upwelling phishing trends is work from home job offers. They call people asking them to pay a small amount followed by other sums, and the person is promised a pay-back in the end. The lockdown period witnessed several such crimes. People need to be brave and use services like attack surface management. They can also cross-check with the customer care of the company that the phisher claims to call from.
INFAMOUS PHISHING CRIMES
1) Facebook and google jointly were scammed for over 100 million dollars between 2013 and 2015 through an extensive fraudulent invoice system. The hacker was Lithuanian and accomplished his feat by creating fake invoices while portraying being an Asian manufacturer. He used spoofed email addresses and has been imprisoned for five years. The most astonishing aspect of this incident is the companies in question. They are some of the most leading players in the world. It makes people think that if they can get conned, so can anyone.
2) Crelan bank: Situated in Belgium, the Crelan bank lost 75.8 billion dollars in a CEO fraud attack reported during an in-house audit. The hackers are still not identified, but the bank has strengthened their security systems to curtail such events. Luckily they had enough reserves from the past to sustain these losses. Such crimes occur when the email address of one of the CEOs is compromised.
3) FACC: An Australian aerospace parts maker was compromised for 61 million dollars in a CEO scam. The hacker impersonated as CEO and sent a phishing email to a beginner employee. The employee transferred the fund for a fake project which cost the company steeply. Incidents like these remind the importance of having necessary security checks in the company. Subsequently, the company fired the CEO and CFO for maintaining lenient security norms that cost them millions.
4) Upsher-smith laboratories: This is a U.S drug company that Upsher-smith deceived for over 50 million dollars over three weeks. The phishers posed as the company’s CEO and sent phishing emails to the accounts department and coordinated them to make nine fraudulent transfers. They recalled one of the calls and retrieved 39 million dollars but still suffered a significant loss.
5) Ubiquiti networks: This is a U.S. computer networking company that faced an unusual circumstance. The company was unaware of losing 46 million dollars through phishing attacks. They were later notified by the FBI who had been closely watching them. The phisher led the scam through an employee impersonation operation. The company was able to recoup 15 million dollars.
6) Leoni Ag: It is a leading producer of wires and cables. They were scammed for 40 million dollars. An employee from the Romania office was targeted by a phishing email claimed to be a company senior. The phisher used inside information to seem more reliable. The company lodged an immediate complaint to recover the damages. Their stocks have dropped by 7% after the incident.
The biggest takeaway from these incidents is that falling prey to a phishing attack is beyond anyone’s control. But people must imbibe more awareness not to be duped. Refraining from heeding company calls claiming to have new offers or asking people for their One-time passwords is a great place to start. They must also verify the identity of the person before blatantly transferring money.