Incidents of Spear Phishing
As we have reviewed in our previous post, spear phishing, is quite different than the normal phishing attack.
In a normal phishing case, the cyber attacker just merely launches an all-out attack, in the hopes of being able to harvest sensitive information and data.
In these cases, typically, a hijacked e-mail address book (or even many of them) is what used to launch the attack.
However, with the spear phishing attack, the victim(s) is (are) specifically targeted.
For example, the cyber attacker will take great lengths and even a good amount of time into researching the background information of their intended victims.
Below are some examples of spear phishing attacks, and the devastation that they caused in their wake:
1. Ubiquiti Networks: Total loss of $46.7 Million to scammers
This attack actually occurred on June 5th, 2017.
The company was hit by a spear phishing attack with a disastrous financial toll.
They were able to reclaim roughly $45 million of the stolen funds, and it was determined that this attack was the direct result of “employee impersonation and fraudulent requests from an outside entity targeting the company’s finance department”.
Further details can be seen here.
2. FACC: Total loss of $55 Million to scammers
FACC manufactures the interior engine components for the major aircraft manufacturers that include Boeing and Airbus.
They were hit with a spear phishing attack on January 19, 2016.
The company lost 17% of its total stock value, and the CEO was immediately fired as a result. Outside attackers were the culprit in this incident.
More details of it can be seen here.
3. The Crelan Bank: Total loss of $75.8 Million
Also, on January 2016, this major financial institution located in the Netherlands fell victim to a spear phishing attack.
The bank claimed that it has taken further steps to protect their customers, their information, and their data.
More details of this attack can be seen here.
4. Facebook and Google: Total loss of $100 Million
Although no specific details have been revealed but it’s believed that these two major tech companies were hit with a spear phishing attack as well on March 21, 2017.
Additional details can be seen here.
Now the question is, how does an organization prevent it from happening? Here are some tips:
1. Always install the latest security patches and software updates to your servers, workstations, and wireless devices.
2. Always employ encryption to protect corporate information and data, especially when sending it to another recipient.
3. Make use of DMARC (Domain-based Message Authentication, Reporting & Conformance), Sender Policy Framework (SPF) & Domain Keys Identified Mail (DKIM) technologies.
They compare address of the incoming e-mail message to what is stored in your database.
If the two do not match up, then the e-mail message is automatically rejected and never makes into the corporate e-mail server(s).
4. Deploy Two Factor Authentication (2FA) whenever and wherever possible.
5. Keep your employees on their toes with security awareness training workshops and also test their knowledge. With the latter, you can send out a phony e-mail to your employees to see if they will fall for it.
6. Always confirm any suspicious e-mail with the sender. If they didn’t send it, then immediately delete it!!!