One of the most important security problems that we can suffer on the Internet is a Phishing attack. Basically what an attacker does is send a message through email, social networks or SMS, with the aim of making us fall into the trap. In this way they can steal passwords, data, etc. In this article we are going to see what three of the most dangerous phishing attacks and what to do to avoid them.
Phishing attacks that have stolen the most money
Logically, cybercriminals seek to profit from the attacks they carry out. If, for example, a Netflix account is stolen through a phishing attack, they can put it up for sale on the Dark Web. They can do the same with email accounts and any social network, since they have value in hidden forums.
fake bills in the mail
One of the techniques used by cybercriminals to launch Phishing campaigns is to sneak fake bills through email. This can seriously affect our security if we click and download an attached document. And that was what cost Google and Facebook more than 85 million euros.
The hacker Evaldas Rimasauska acted in this type of attack, impersonating a Taiwanese company that Google and Facebook used as a provider. What he basically did was send false invoices to companies and request money. They were able to recover part of the losses, but they did not reach even half.
Bank scams have also been very present in recent years. But there was one that far surpassed the others. It is a Phishing attack against workers of Crelan Bank. This attack caused the bank to lose more than 65 million euros. The strategy was to send emails to workers and use social engineering to impersonate the company’s CEO.
what they did was fake CEO email and contact the workers. The objective was to request that they transfer money. But of course, that money really went to accounts controlled by the attacker. It is unknown to this day who was behind this great scam.
Another very serious Phishing attack was the one suffered by the aerospace company FACC. It is a company of great value and as in the previous case they used an email account of the CEO. They managed to scam about 53 million euros. They requested to transfer large amounts of money and an employee did.
Once again, social engineering was key in this type of attack that caused millions in losses. But we can also see this type of threat on a small scale and it is not necessary to go to a large organization.
What to do to avoid attacks
We have seen what the three most serious Phishing attacks have been so far. However, an attack of this type is not only stealing millions of euros, since it could also simply mean losing your email, Facebook or any other social network account you use.
The best way to avoid Phishing is the common sense. It is essential not to fall into traps of any kind, such as clicking on an attachment that is sent to us without really knowing who is behind it, or opening a link that takes us to a page that is not trusted.
It is also a good idea to have security programs. A good antivirus can help us detect possible malware that enters after opening an email that is actually fake, for example. Solutions like Microsoft Defender or Avast can come in handy to protect computers.
Of course, another important factor is having All updated. You can be hacked after a cybercriminal exploits an unpatched security flaw on your device. For this reason, it is essential to always install all patches and updates.