This year in March, a Lithuanian cybercriminal was arrested for alleged phishing attack targeting two US-based technology companies. (*) It was stated that this person named Evaldas Rimasauskas , appearing as representatives of an Asian company, sent phishing e-mails to the representatives of the two major technology companies whose names were not disclosed at first. (**) anti phishing tools
As Fortune’s report uncovered, the companies, Facebook and Google, were victims of this phishing attacks even they already have anti phishing solutions such as firewall, antispam, data loss preventions etc., resulting in a loss of $ 100 million, in which case the employees in both companies were brought into the game by sending funds to overseas bank accounts. According to Fortune, between 2013 and 2015, Rimasauskas sent an email to both Google and Facebook employees on behalf of Quanta Computer, a Taiwanese electronics manufacturer, requesting payment of goods and services. (***) Employees paid the requested amount without questioning, thinking that the information in the email was real. Employees did not need to verify the authenticity of the e-mail because it contained all legal and real information such as a real signature, logo, name, address, and etc. anti phishing tools
After Google and Facebook’s transference of the money to Quanta, Rimasauskas enabled these funds to travel around in different bank accounts around the world such as Latvia, Cyprus, Slovakia, Lithuania, Hungary and Hong Kong. Rimasauskas delivered Facebook and Google administrators’ signatures on bills, contracts and letters to the bank to get the money in these accounts. Prior to his capture, Rimasauskas reportedly stole $ 100 million from Google and Facebook. [****] anti phishing tools
Why are the Phishing Attacks so Effective?
Technical solutions are not enough to prevent phishing attacks alone. No matter how strong a company is, any company can fall victim to phishing attacks since the human factor is in place and the cyber attackers might be well prepared for the weaknesses of employees. Cybercriminals already know the best strategies for reaching the sensitive data of the institutions. Often, simple methods are used to attack an organization rather than complex methods, by simply manipulating its employees or community members by communicating with them. As it is seen in this case, two giant technology companies have been exploited by various social engineering methods and have suffered great material and moral damages. Institutions have the best defensive mechanism when their employees are well-equipped and become aware of the ways and the methods of the phishing attacks. Tips and suggestions against phishing attacks can be learned from Keepnet Labs’ cybersecurity recommendations and anti phishing solutions.
Sources;
- http://bit.ly/2qfiP3y
According to the US Justice Department, two major American technology companies suffered 100 million loss, becoming a victim of a man in Lithuania. At the age of 48, Evaldas Rimasauskas was sentenced to 20 years in prison for fraud, money laundering and identity theft. See more at
- http://bit.ly/2Nuh04s anti phishing tools
- http://cnb.cx/2qaDtTr anti phishing tools
- http://cnb.cx/2qaDtTr
This blog had been published at www.keepnetlabs.com.
Teknoloji Haberleri