The Phishie Awards: (Dis)Honoring The Best Of The Worst Phishing Attacks From the costly to the clever to the just plain creepy, here are the recent phishing campaigns that have earned our reluctant recognition.
1 of 11
You invest in the slickest, smartest, security gear. The latest in threat intelligence, behavior analysis, and every other cutting-edge tech that widened your eyes on the trade show floor. It's excellent, exciting, expensive...and useless against a top-notch social engineer.
Okay, that might be a bit of an overstatement, but there are plenty of examples when social engineering bested the best security technology -- to sack Troy with a wooden horse or to steal diamonds with a charming smile.
These days, the social engineer's favorite tool isn't the smile; it's the humble phishing message.
It's a very adaptable piece of kit. It can deliver any manner of malicious payloads, as attachments, embedded objects, or links. It can be customized to lure in any kind of game -- from John Q. Public to John Q. White House Ambassador. It can be used as part of attacks to steal data, steal money, or steal secrets.
Adaptable and successful. Take a peak behind some of the biggest breaches and costliest attacks and you may see a phishing message at the root of it.
So, with some help from experts at KnowBe4 and PhishLabs, we've decided to recognize some of the most intriguing examples of phishing in recent history. The clever, the costly, the just plain creepy.
Read on to see which attack campaigns and categories earn the dubious honor of winning one of the coveted Phishie Awards.
Sara Peters is Senior Editor at Dark Reading and formerly the editor-in-chief of Enterprise Efficiency. Prior that she was senior editor for the Computer Security Institute, writing and speaking about virtualization, identity management, cybersecurity law, and a myriad ... View Full Bio
1 of 11