Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
Social engineering (security)
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
==Notable social engineering incidents== {{Expand section|date=May 2024}} ===2017 Equifax breach help websites=== Following the [[2017 Equifax data breach]] linked to [[China]]'s [[People's Liberation Army]]<ref>{{cite web | url = https://www.wsj.com/articles/four-members-of-china-s-military-indicted-for-massive-equifax-breach-11581346824 | title = Four Members of China's Military Indicted Over Massive Equifax Breach | date= February 11, 2020 | work = [[The Wall Street Journal]] }}</ref> in which over 150 million private records were leaked (including [[Social Security numbers]], and [[drivers license]] numbers, birthdates, etc.), warnings were sent out regarding the dangers of impending security risks.<ref>{{cite web|url=https://www.cnbc.com/2017/09/07/credit-reporting-firm-equifax-says-cybersecurity-incident-could-potentially-affect-143-million-us-consumers.html |title=Credit reporting firm Equifax says data breach could potentially affect 143 million US consumers |date=7 Sep 2018 |publisher=CNBC|access-date=3 May 2024}}</ref> In the day after the establishment of a legitimate help website (equifaxsecurity2017.com) dedicated to people potentially victimized by the breach, 194 malicious domains were reserved from small variations on the URL, capitalizing on the likelihood of people mistyping.<ref>{{cite web|url=https://www.cantonrep.com/entertainmentlife/20171001/straight-talk-beware-scams-related-to-equifax-data-breach |archive-url=https://web.archive.org/web/20201206021332/https://www.cantonrep.com/entertainmentlife/20171001/straight-talk-beware-scams-related-to-equifax-data-breach |title=Straight Talk: Beware scams related to Equifax data breach |archive-date=6 Dec 2020 |url-status=dead}} </ref><ref>{{cite web|url=https://www.social-engineer.org/framework/attack-vectors/phishing-attacks-2/ |title=Phishing |website=Security Through Education |publisher=Social-Engineer}}</ref> === 2017 Google and Facebook phishing emails === Two tech giants—[[Google]] and [[Facebook]]—were phished out of $100 million by a [[Lithuania]]n fraudster.<ref>{{Cite news |date=2017-04-28 |title=Google and Facebook duped in huge 'scam' |url=https://www.bbc.co.uk/news/technology-39744007 |access-date=2025-04-10 |work=BBC News |language=en-GB}}</ref> He impersonated a hardware supplier to falsely invoice both companies over two years.<ref>{{Cite web |last=Jr |first=Tom Huddleston |date=2019-03-27 |title=How this scammer used phishing emails to steal over $100 million from Google and Facebook |url=https://www.cnbc.com/2019/03/27/phishing-email-scam-stole-100-million-from-facebook-and-google.html |access-date=2024-10-20 |website=CNBC |language=en}}</ref> Despite their technological sophistication, the companies lost the money, although they were later able to recuperate the majority of the funds stolen.<ref name=":1">{{Cite web |title=Famous Phishing Incidents from History {{!}} Hempstead Town, NY |url=https://www.hempsteadny.gov/635/Famous-Phishing-Incidents-from-History |access-date=2024-10-14 |website=www.hempsteadny.gov}}</ref> === 2016 United States Elections leaks === During the [[2016 United States elections|2016 United States Elections]], hackers associated with [[GRU (Russian Federation)|Russian Military Intelligence (GRU)]] sent phishing emails directed to members of [[Hillary Clinton]]'s campaign, disguised as a Google alert.<ref>{{Cite web |date=2016-12-27 |title=2016 Presidential Campaign Hacking Fast Facts |url=https://www.cnn.com/2016/12/26/us/2016-presidential-campaign-hacking-fast-facts/index.html |access-date=2024-08-07 |website=CNN |language=en}}</ref> Many members, including the chairman of the campaign, [[John Podesta]], had entered their passwords thinking it would be reset, causing their personal information, and thousands of private emails and documents to be leaked.<ref name=":0">{{Cite web |date=2018-07-13 |title=Office of Public Affairs {{!}} Grand Jury Indicts 12 Russian Intelligence Officers for Hacking Offenses Related to the 2016 Election {{!}} United States Department of Justice |url=https://www.justice.gov/opa/pr/grand-jury-indicts-12-russian-intelligence-officers-hacking-offenses-related-2016-election |access-date=2024-08-07 |website=www.justice.gov |language=en}}</ref> With this information, they hacked into other computers in the [[Democratic Congressional Campaign Committee]], implanting malware in them, which caused their computer activities to be monitored and leaked.<ref name=":0" /> === 2015 Ubiquiti Networks scam === In 2015, specialized [[Wi-Fi]] hardware and software maker Ubiquiti lost nearly $47 million to hackers. Attackers sent Ubiquiti's accounting department a [[phishing]] email from a [[Hong Kong]] branch with instructions to change payment account details. Upon discovering the theft, the company began cooperating with law enforcement, but was only able to recover $8 million of the stolen funds, although they had hoped for $15 million.<ref name=":2" /><ref>{{Cite web |date=2015-08-07 |title=Ubiquiti Networks Says It Was Victim of $47 Million Cyber Scam |url=https://www.nbcnews.com/tech/security/ubiquiti-networks-says-it-was-victim-47-million-cyber-scam-n406201 |access-date=2025-04-09 |website=NBC News |language=en}}</ref> === 2014 Sony pictures leak === On [[2014 Sony Pictures hack|24 November 2014]], the [[Hacker (computer security)|hacker]] group "[[Lazarus Group|Guardians of Peace]]"<ref>{{Cite web |title=The Sony Pictures Breach: A Deep Dive into a Landmark Cyber Attack - Sep 15, 2023 |url=https://www.frameworksec.com/post/the-sony-pictures-breach-a-deep-dive-into-a-landmark-cyber-attack |access-date=2024-10-21 |website=www.frameworksec.com |language=en}}</ref> (probably linked to [[North Korea]])<ref>{{cite web | url = https://www.usatoday.com/story/news/2014/12/19/sony-the-interview-hackers-gop/20635449/ | title = FBI confirms North Korea behind Sony hack | first1 = Elizabeth | last1 = Weise | first2 = Kevin | last2 = Johnson | work = [[USA Today]] | date = December 19, 2014 | access-date = December 19, 2014 | archive-date = December 19, 2014 | archive-url = https://web.archive.org/web/20141219204906/http://www.usatoday.com/story/news/2014/12/19/sony-the-interview-hackers-gop/20635449/ | url-status = live }}</ref> [[Internet leak|leaked]] confidential data from the film studio [[Sony Pictures|Sony Pictures Entertainment]]. The data included emails, executive salaries, and employees' personal and family information. The phishers pretended to be high up employees to install malware on workers' computers.<ref>{{Cite web |title=Famous Phishing Incidents from History {{!}} Hempstead Town, NY |url=https://www.hempsteadny.gov/635/Famous-Phishing-Incidents-from-History#:~:text=The%20Federal%20Trade%20Commission%20released,information%20to%20claim%20the%20prize. |access-date=2024-10-21 |website=www.hempsteadny.gov}}</ref> === 2013 Department of Labor watering hole attack === In 2013, a [[United States Department of Labor|U.S. Department of Labor]] server was hacked and used to host malware and redirect some visitors to a site using a zero-day [[Internet Explorer]] exploit to install a remote access trojan called [[PoisonIvy (trojan)|Poison Ivy]]. Watering hole attacks were used, with the attackers creating pages related to toxic nuclear substances overseen by the [[United States Department of Energy|Department of Energy]]. The targets were likely DoL and DOE employees with access to sensitive nuclear data.<ref name=":2" /><ref>{{Cite web |date=2013-05-06 |title=Internet Explorer zero-day blamed for Department of Labor website attack |url=https://www.infosecurity-magazine.com/news/internet-explorer-zero-day-blamed-for-department/ |access-date=2025-04-10 |website=Infosecurity Magazine |language=en-gb}}</ref> === 2011 RSA SecurID phishing attack === In 2011, hackers broke into the сryptographic corporation [[RSA Security|RSA]] and obtained information about [[RSA SecurID|SecurID]] two-factor authentication fobs. Using this data, the hackers later tried to infiltrate the network of defense contractor [[Lockheed Martin]]. The hackers gained access to the key fob data by sending emails to four employees of the parent corporation from an alleged recruitment site. The emails contained an [[Microsoft Excel|Excel]] attachment titled 2011 Recruitment Plan. The spreadsheet contained a [[Zero-day vulnerability|zero-day]] Flash [[Exploit (computer security)|exploit]] that provided [[Backdoor (computing)|backdoor]] access to the work computers.<ref name=":2">{{Cite web |last= |date=2017-11-02 |title=5 Social Engineering Attacks of All Time |url=https://www.cybersecurityeducationguides.org/2017/11/top-5-social-engineering-attacks-of-all-time/ |access-date=2025-04-09 |website=www.cybersecurityeducationguides.org |language=en-US}}</ref><ref>{{Cite magazine |last=Greenberg |first=Andy |title=The Full Story of the Stunning RSA Hack Can Finally Be Told |url=https://www.wired.com/story/the-full-story-of-the-stunning-rsa-hack-can-finally-be-told/ |access-date=2025-04-09 |magazine=Wired |language=en-US |issn=1059-1028}}</ref>
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)