Trick 5- Spear Phishing for Unauthorized Data Access
- Hack-for-hire groups used spear phishing emails to steal login credentials.
- Created fake websites resembling legitimate services to deceive targets.
- Accessed sensitive data for financial gain and corporate espionage, affecting stock market stakeholders.
5. Dark Basin Hack-for-Hire Operations (2015–2020)
Steps of the Fraud:
- Spear Phishing Campaigns:
- The group known as Dark Basin conducted targeted phishing attacks against individuals and organizations, including those in India.
- Credential Theft:
- Victims were lured into providing login credentials through deceptive emails and fake websites resembling legitimate services.
- Unauthorized Data Access:
- Stolen credentials were used to access sensitive information, which was then exploited for various purposes, including corporate espionage.
- Global Reach:
- The operation targeted thousands of individuals across six continents, affecting numerous sectors.