The list of phishing incidents covers important or noteworthy events in the history of phishing.
The term "phishing" is said to have been coined by the well known spammer and hacker in the mid-90s, Khan C. Smith. [3] The first recorded mention of the term is found in the hacking tool AOHell (according to its creator), which included a function for attempting to steal the passwords or financial details of America Online users. [4] [5]
Year | Campaigns |
---|---|
2005 | 173,063 |
2006 | 268,126 |
2007 | 327,814 |
2008 | 335,965 |
2009 | 412,392 |
2010 | 313,517 |
2011 | 284,445 |
2012 | 320,081 |
2013 | 491,399 |
2014 | 704,178 |
2015 | 1,413,978 |
Year | Jan | Feb | Mar | Apr | May | Jun | Jul | Aug | Sep | Oct | Nov | Dec | Total |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
2005 | 12,845 | 13,468 | 12,883 | 14,411 | 14,987 | 15,050 | 14,135 | 13,776 | 13,562 | 15,820 | 16,882 | 15,244 | 173,063 |
2006 | 17,877 | 17,163 | 18,480 | 17,490 | 20,109 | 28,571 | 23,670 | 26,150 | 22,136 | 26,877 | 25,816 | 23,787 | 268,126 |
2007 | 29,930 | 23,610 | 24,853 | 23,656 | 23,415 | 28,888 | 23,917 | 25,624 | 38,514 | 31,650 | 28,074 | 25,683 | 327,814 |
2008 | 29,284 | 30,716 | 25,630 | 24,924 | 23,762 | 28,151 | 24,007 | 33,928 | 33,261 | 34,758 | 24,357 | 23,187 | 335,965 |
2009 | 34,588 | 31,298 | 30,125 | 35,287 | 37,165 | 35,918 | 34,683 | 40,621 | 40,066 | 33,254 | 30,490 | 28,897 | 412,392 |
2010 | 29,499 | 26,909 | 30,577 | 24,664 | 26,781 | 33,617 | 26,353 | 25,273 | 22,188 | 23,619 | 23,017 | 21,020 | 313,517 |
2011 | 23,535 | 25,018 | 26,402 | 20,908 | 22,195 | 22,273 | 24,129 | 23,327 | 18,388 | 19,606 | 25,685 | 32,979 | 284,445 |
2012 | 25,444 | 30,237 | 29,762 | 25,850 | 33,464 | 24,811 | 30,955 | 21,751 | 21,684 | 23,365 | 24,563 | 28,195 | 320,081 |
2013 | 28,850 | 25,385 | 19,892 | 20,086 | 18,297 | 38,100 | 61,453 | 61,792 | 56,767 | 55,241 | 53,047 | 52,489 | 491,399 |
2014 | 53,984 | 56,883 | 60,925 | 57,733 | 60,809 | 53,259 | 55,282 | 54,390 | 53,661 | 68,270 | 66,217 | 62,765 | 704,178 |
2015 | 49,608 | 55,795 | 115,808 | 142,099 | 149,616 | 125,757 | 142,155 | 146,439 | 106,421 | 194,499 | 105,233 | 80,548 | 1,413,978 |
2016 | 99,384 | 229,315 | 229,265 | 121,028 | 96,490 | 98,006 | 93,160 | 66,166 | 69,925 | 51,153 | 64,324 | 95,555 | 1,313,771 |
2017 | 96,148 | 100,932 | 121,860 | 87,453 | 93,285 | 92,657 | 99,024 | 99,172 | 98,012 | 61,322 | 86,547 | 85,744 | 1,122,156 |
2018 | 89,250 | 89,010 | 84,444 | 91,054 | 82,547 | 90,882 | 93,078 | 89,323 | 88,156 | 87,619 | 64,905 | 87,386 | 1,040,654 |
2019 | 34,630 | 35,364 | 42,399 | 37,054 | 40,177 | 34,932 | 35,530 | 40,457 | 42,273 | 45,057 | 42,424 | 45,072 | 475,369 |
"APWG Phishing Attack Trends Reports" . Retrieved May 5, 2019.
Computer security, cybersecurity, digital security or information technology security is the protection of computer systems and networks from attacks by malicious actors that may result in unauthorized information disclosure, theft of, or damage to hardware, software, or data, as well as from the disruption or misdirection of the services they provide.
Cybercrime encompasses a wide range of criminal activities that are carried out using digital devices and/or networks. These crimes involve the use of technology to commit fraud, identity theft, data breaches, computer viruses, scams, and expanded upon in other malicious acts. Cybercriminals exploit vulnerabilities in computer systems and networks to gain unauthorized access, steal sensitive information, disrupt services, and cause financial or reputational harm to individuals, organizations, and governments.
Phishing is a form of social engineering and scam where attackers deceive people into revealing sensitive information or installing malware such as ransomware. Phishing attacks have become increasingly sophisticated and often transparently mirror the site being targeted, allowing the attacker to observe everything while the victim is navigating the site, and transverse any additional security boundaries with the victim. As of 2020, it is the most common type of cybercrime, with the FBI's Internet Crime Complaint Center reporting more incidents of phishing than any other type of computer crime.
A spoofed URL involves one website masquerading as another, often leveraging vulnerabilities in web browser technology to facilitate a malicious computer attack. These attacks are particularly effective against computers that lack up-to- security patches. Alternatively, some spoofed URLs are crafted for satirical purposes.
Email spoofing is the creation of email messages with a forged sender address. The term applies to email purporting to be from an address which is not actually the sender's; mail sent in reply to that address may bounce or be delivered to an unrelated party whose identity has been faked. Disposable email address or "masked" email is a different topic, providing a masked email address that is not the user's normal address, which is not disclosed, but forwards mail sent to it to the user's real address.
The Internet has a long history of turbulent relations, major maliciously designed disruptions, and other conflicts. This is a list of known and documented Internet, Usenet, virtual community and World Wide Web related conflicts, and of conflicts that touch on both offline and online worlds with possibly wider reaching implications.
Voice phishing, or vishing, is the use of telephony to conduct phishing attacks.
Internet fraud prevention is the act of stopping various types of internet fraud. Due to the many different ways of committing fraud over the Internet, such as stolen credit cards, identity theft, phishing, and chargebacks, users of the Internet, including online merchants, financial institutions and consumers who make online purchases, must make sure to avoid or minimize the risk of falling prey to such scams.
Credit card fraud is an inclusive term for fraud committed using a payment card, such as a credit card or debit card. The purpose may be to obtain goods or services or to make payment to another account, which is controlled by a criminal. The Payment Card Industry Data Security Standard is the data security standard created to help financial institutions process card payments securely and reduce card fraud.
Zeus is a Trojan horse malware package that runs on versions of Microsoft Windows. It is often used to steal banking information by man-in-the-browser keystroke logging and form grabbing. Zeus is spread mainly through drive-by downloads and phishing schemes. First identified in July 2007 when it was used to steal information from the United States Department of Transportation, it became more widespread in March 2009. In June 2009 security company Prevx discovered that Zeus had compromised over 74,000 FTP accounts on websites of such companies as the Bank of America, NASA, Monster.com, ABC, Oracle, Play.com, Cisco, Amazon, and BusinessWeek. Similarly to Koobface, Zeus has also been used to trick victims of technical support scams into giving the scam artists money through pop-up messages that claim the user has a virus, when in reality they might have no viruses at all. The scammers may use programs such as Command prompt or Event viewer to make the user believe that their computer is infected.
An advanced persistent threat (APT) is a stealthy threat actor, typically a state or state-sponsored group, which gains unauthorized access to a computer network and remains undetected for an extended period. In recent times, the term may also refer to non-state-sponsored groups conducting large-scale targeted intrusions for specific goals.
Social hacking describes the act of attempting to manipulate outcomes of social behaviour through orchestrated actions. The general function of social hacking is to gain access to restricted information or to a physical space without proper permission. Most often, social hacking attacks are achieved by impersonating an individual or group who is directly or indirectly known to the victims or by representing an individual or group in a position of authority. This is done through pre-meditated research and planning to gain victims’ confidence. Social hackers take great measures to present overtones of familiarity and trustworthiness to elicit confidential or personal information. Social hacking is most commonly associated as a component of “social engineering”.
Cozy Bear, classified by the United States federal government as advanced persistent threat APT29, is a Russian hacker group believed to be associated with one or more intelligence agencies of Russia. The Dutch General Intelligence and Security Service (AIVD) deduced from security camera footage that it is led by the Russian Foreign Intelligence Service (SVR), a view shared by the United States. Cybersecurity firm CrowdStrike also previously suggested that it may be associated with either the Russian Federal Security Service (FSB) or SVR. The group has been given various nicknames by other cybersecurity firms, including CozyCar, CozyDuke, Dark Halo, The Dukes, Midnight Blizzard, NOBELIUM, Office Monkeys, StellarParticle, UNC2452, and YTTRIUM.
Carding is a term of the trafficking and unauthorized use of credit cards. The stolen credit cards or credit card numbers are then used to buy prepaid gift cards to cover up the tracks. Activities also encompass exploitation of personal data, and money laundering techniques. Modern carding sites have been described as full-service commercial entities.
Fancy Bear, also known as APT28, Pawn Storm, Sofacy Group, Sednit, Tsar Team and STRONTIUM or Forest Blizzard, is a Russian cyber espionage group. Cybersecurity firm CrowdStrike has said with a medium level of confidence that it is associated with the Russian military intelligence agency GRU. The UK's Foreign and Commonwealth Office as well as security firms SecureWorks, ThreatConnect, and Mandiant, have also said the group is sponsored by the Russian government. In 2018, an indictment by the United States Special Counsel identified Fancy Bear as GRU Unit 26165. This refers to its unified Military Unit Number of the Russian army regiments. The headquarters of Fancy Bear and the entire military unit, which reportedly specializes in state-sponsored cyberattacks and decryption of hacked data, were targeted by Ukrainian drones on July 24, 2023, the rooftop on an adjacent building collapsed as a result of the explosion.
Lazarus Group is a hacker group made up of an unknown number of individuals, alleged to be run by the government of North Korea. While not much is known about the Lazarus Group, researchers have attributed many cyberattacks to them between 2010 and 2021. Originally a criminal group, the group has now been designated as an advanced persistent threat due to intended nature, threat, and wide array of methods used when conducting an operation. Names given by cybersecurity organizations include Hidden Cobra and ZINC or Diamond Sleet. According to North Korean defector Kim Kuk-song, the unit is internally known in North Korea as 414 Liaison Office.
Charming Kitten, also called APT35, Phosphorus or Mint Sandstorm, Ajax Security, and NewsBeef, is an Iranian government cyberwarfare group, described by several companies and government officials as an advanced persistent threat.
The Nitro hacking attacks were a targeted malware campaign in 2011 suspected to be a case of corporate espionage. At least 48 confirmed companies were infected with a Trojan called Poison Ivy that transferred intellectual property to remote servers. Much of the information known about these attacks comes from a white paper published by cybersecurity company Symantec.