Email phishing attacks are a type of cyber attack where criminals send fraudulent emails that appear to be from a legitimate source, such as a well-known company or organization. The goal of these attacks is to trick the recipient into clicking on a malicious link or opening an attachment, which can then install malware on the recipient’s computer or steal their personal information.
Large corporations are a prime target for phishing attacks because they have a lot of valuable data and resources that criminals can steal or exploit. In recent years, there have been a number of high-profile phishing attacks that have targeted large corporations, resulting in millions of dollars in losses.
Here are some of the top email phishing attacks on large corporate:
Facebook and Google scam: In 2013, Facebook and Google were both victims of a phishing attack that resulted in the loss of $100 million. The attackers spoofed the email address of a supplier that both companies use, and sent them fake invoices. The invoices looked legitimate, and the companies paid them without realizing that they were being scammed.
Sony Pictures hack: In 2014, Sony Pictures was hacked after employees fell victim to a phishing attack. The attackers sent emails that appeared to be from a legitimate source, and asked employees to click on a malicious link. The link installed malware on the employees’ computers, which gave the attackers access to the company’s network. The attackers then stole a large amount of data, including employee emails, film scripts, and confidential information.
Ubiquity Networks attack: In 2015, the network equipment company Ubiquiti Networks was hacked after employees fell victim to a phishing attack. The attackers sent emails that appeared to be from a legitimate source, and asked employees to open an attachment. The attachment contained malware, which gave the attackers access to the company’s network. The attackers then stole a large amount of data, including customer information and intellectual property.
FACC attack: In 2016, the aircraft parts manufacturer FACC was hacked after employees fell victim to a phishing attack. The attackers sent emails that appeared to be from the company’s CEO, and asked employees to transfer money to an account controlled by the attackers. The employees transferred the money without realizing that they were being scammed. The attackers stole over €50 million from FACC.
Crelan Bank attack: In 2016, the Belgian bank Crelan Bank was hacked after employees fell victim to a phishing attack. The attackers sent emails that appeared to be from the bank’s CEO, and asked employees to transfer money to an account controlled by the attackers. The employees transferred the money without realizing that they were being scammed. The attackers stole over €75 million from Crelan Bank.
These are just a few examples of the many phishing attacks that have targeted large corporations in recent years. Phishing attacks are becoming increasingly sophisticated, and they can be difficult to spot, even for experienced employees.
How to protect your company from phishing attacks
There are a number of things that companies can do to protect themselves from phishing attacks, including:
- Educate employees about phishing attacks: The best way to protect your company from phishing attacks is to educate your employees about them. Employees need to know how to spot phishing emails and what to do if they receive one.
- Implement security measures: Companies should implement security measures such as email filtering and spam blocking to help prevent phishing emails from reaching employees’ inboxes.
- Monitor employee activity: Companies should monitor employee activity for signs of phishing attacks. For example, companies can monitor for employees who are clicking on malicious links or opening attachments from unknown senders.
By taking these steps, companies can help to protect themselves from phishing attacks and the damage that they can cause.
Conclusion
Phishing attacks are a serious threat to large corporations. By educating employees about phishing attacks and implementing security measures, companies can help to protect themselves from these attacks.