Cyber crime is a serious threat that affects millions of people and businesses every year. Hackers use various techniques to trick, deceive, or coerce their victims into giving up money, personal information, or access to their systems. Some of the most notorious cyber scams in history have caused billions of euros in losses and damages, as well as reputational harm and legal consequences for the victims.
In this blog post, we will look at five of the biggest cyber scams in the world and how they were carried out.
Colonial Pipeline (up to €3.4 billion)
The Colonial Pipeline is a major fuel pipeline that supplies about 45% of the East Coast of the United States with gasoline, diesel, jet fuel, and heating oil. In May 2021, the pipeline was hit by a ransomware attack that encrypted its data and demanded a payment of 75 bitcoins (about €3.4 million at the time) to restore it. The attack disrupted the fuel supply for several days, causing panic buying, price spikes, and shortages at gas stations. Pipeline operator paid the ransom to the hackers, who were later identified as a group called DarkSide, but only recovered some of the data. US government also seized about €2 million worth of bitcoins from a wallet used by the hackers.
Facebook and Google (€90 million)
Facebook and Google are two of the most popular and profitable online platforms in the world. But they are not immune to cyber scams. In 2013-2015, they fell victim to a sophisticated fraud scheme orchestrated by a Lithuanian man named Evaldas Rimasauskas. He created fake companies and invoices that mimicked those of a legitimate Taiwanese hardware manufacturer called Quanta Computer. They had business relationships with both Facebook and Google. The scammer then sent phishing emails to employees of Facebook and Google. Pretending to be Quanta representatives, they asked them to wire money to bank accounts controlled by him. Rimasauskas also managed to trick them into transferring over €90 million before he was caught and arrested.
Sony Pictures (€80 million)
Sony Pictures is one of the largest film studios in Hollywood. In November 2014, Sony Pictures was hacked by a group calling themselves Guardians of Peace (GOP), who claimed to be motivated by Sony’s upcoming release of The Interview. This is a comedy film that depicted the assassination of North Korean leader Kim Jong-un. The hackers stole and leaked confidential data from Sony Pictures, including personal information of employees and celebrities, unreleased films and scripts, emails, and passwords. They also threatened to launch terrorist attacks on cinemas that showed The Interview. Hack cost Sony Pictures about €80 million in damages and lost revenues. Sony also damaged its reputation and relationships with partners and clients.
Crelan Bank (€75.6 million)
Crelan Bank is a Belgian cooperative bank that offers banking and insurance services to individuals and businesses. In January 2016, Crelan Bank discovered that it had been defrauded of €75.6 million by unknown cybercriminals. The fraudsters used a technique called CEO fraud or business email compromise (BEC). This involves impersonating a senior executive or a trusted partner of a company and requesting an urgent wire transfer to a foreign account. They targeted Crelan Bank’s CEO Luc Versele and sent emails to his staff, instructing them to transfer money to accounts in China and Hong Kong. The staff compiled without verifying the authenticity of the emails or the identity of the sender.
FACC (€42 million)
FACC is an Austrian aerospace company that produces components for aircraft manufacturers such as Airbus and Boeing. In January 2016, FACC was also hit by a CEO fraud scam that cost it €42 million. The scammers posed as FACC’s CEO Walter Stephan and CFO Minfen Gu and sent emails to FACC’s accounting department, requesting them to transfer money to bank accounts in Slovakia and Asia for a fake acquisition project. Accounting staff did not question the emails or check with their superiors before making the transfers. Scam was discovered when FACC’s auditors noticed irregularities in its financial statements.
These cyber scams are examples of how cyber criminals can use deception, manipulation, and technology to steal money from individuals and businesses. They also show how cyber attacks can have serious consequences for the victims, such as financial losses, legal troubles, reputational damage, and operational disruption. To prevent and mitigate such scams, we need to be vigilant and cautious when dealing with online communications and transactions, and follow best practices for cyber security, such as:
- Using strong and unique passwords for different accounts and devices
- Enabling multi factor authentication whenever possible
- Updating software and systems regularly
- Using an updated anti-malware security & virus protection
- Avoiding opening or clicking on suspicious links or attachments
- Verifying the identity and legitimacy of email senders and recipients
- Reporting and deleting any phishing emails or messages
- Educating ourselves and others about the latest cyber threats and trends
- Having backup and recovery plans in case of a cyber attack
By being aware and proactive, we can protect ourselves and our organizations from falling prey to cyber scams.
References
- https://www.techtarget.com/whatis/feature/Colonial-Pipeline-hack-explained-Everything-you-need-to-know
- https://www.bbc.com/news/technology-57063636
- https://www.itp.net/art-culture/612514-facebook-and-google-duped-into-100m-phishing-scam
- https://www.theguardian.com/technology/2014/dec/30/hackers-publish-more-data-from-sony-pictures-cyber-attack
- https://www.bankinfosecurity.com/belgian-bank-reveals-phishing-loss-a-8858
- https://www.wired.co.uk/article/facc-ceo-fired-over-email-scam
