Some famous phishing scams

Of course, at Winzum we are an online competition platform first and foremost, however we’re also heavily dedicated to trying to keep you lot as safe as possible in your online endeavours too. By far the easiest way for nasty criminals to access stuff like your personal bank account these days is through phishing, something we explored in more detail here [what does phishing mean?].

One of the cornerstones to online safety is being aware of phishing, and also knowing how to stop it. A major part of combatting potential phishing scams is simply knowing what they look like, and for this reason we thought it was a good idea to explore some of the most famous phishing scams from over the years. Sit back, and enjoy the ride!

Operation Phish Phry

If you think Operation Phish Phry sounds like something out of a spy film you are spot on, because Operation Phish Phry is the name given by the FBI to the largest international phishing scam in history. Back in 2009 an at-first unidentified band of cyber criminals targeted millions of U.S bank accounts in a sophisticated phishing attack, and ended up stealing approximately $1.5 million.

The phishing scam worked using fake financial websites and emails, with victims inputting their personal data, and thereby giving the cyber criminals access to their accounts. It is a prime example of why you should always be careful when you receive emails relating to your online banking.

Walter Stephan

The Walter Stephan story is a rather tragic example of how a phishing attack can result in a huge amount of misery, and is also an indicator of the amount of money that can be lost due to a successful phishing attack. Stephan was the CEO of aerospace engineering company FACC, and ended up losing an enormous $47 million sum due to a relatively simple phishing attack.

All it took was one particularly savvy cybercriminal to guess what Walter Stephan’s email would have looked like, which they then used to target a recently employed accountant. The email told the accountant to transfer the gargantuan amount of money as part of an undisclosed acquisition project, and the rest is history…

Ukrainian power grid phishing attack

Most phishing attacks are aimed at bank accounts, with the main goal being financial gain; however there have also been examples of phishing being used for much larger purposes. For example, in 2015 a Russian state-led cyber assault on the Ukrainian power grid was done completely through an initial email phishing attack.

The attack ended up wiping out the entire Ukrainian power grid due to complex malware installed through the initial phishing attack that took place entirely via email. All it took was one innocent mistake from a Ukrainian power plant employee – proof of how dangerous phishing can be.