In March 2011, Internal RSA staff were successfully phished, leading to the master keys for all RSA security tokens being stolen, which were used to break into US defense suppliers.
In August 2013, advertising platform Outbrain became a victim of spear phishing when the Syrian Electronic Army placed redirects into the websites of The Washington Post, Time, and CNN.
In November 2013, Target suffered a data breach in which 110 million credit card records were stolen from customers, via a phished subcontractor account. Target’s CEO and IT security staff members were subsequently fired.
Between September and December of 2013, Cryptolocker ransomware infected 250,000 personal computers with two different phishing emails. The first had a Zip archive attachment that claimed to be a customer complaint and targeted businesses, the second contained a malicious link with a message regarding a problem clearing a check and targeted the general public. Cryptolocker scrambles and locks files on the computer and requests the owner make a payment in exchange for the key to unlock and decrypt the files. According to Dell SecureWorks, 0.4% or more of those infected paid criminals the ransom.
In January 2014, the Seculert Research Lab identified a new targeted attack that used Xtreme RAT (Remote Access Toolkit). Spear phishing emails targeted Israeli organizations to deploy the advanced malware. 15 machines were compromised - including those belonging to the Civil Administration of Judea and Samaria.
In August 2014, iCloud leaked almost 500 private celebrity photos, many containing nudity. It was discovered during the investigation that Ryan Collins accomplished this phishing attack by sending emails to the victims that looked like legitimate Apple and Google warnings, alerting the victims that their accounts may have been compromised and asking for their account details. The victims would enter their password, and Collins gained access to their accounts, downloading emails and iCloud backups.
In September 2014, Home Depot suffered a massive breach, with the personal and credit card data of 100+million shoppers posted for sale on hacking websites.
In November 2014, ICANN employees became victims of spear phishing attacks, and its DNS zone administration system was compromised, allowing the attackers to get zone files and personal data about users in the system, such as their real names, contact information, and salted hashes of their passwords. Using these stolen credentials, the hackers tunneled into ICANN's network and compromised the Centralized Zone Data System (CZDS), their Whois portal and more.
In August 2015, another sophisticated hacking group attributed to the Russian Federation, nicknamed Cozy Bear, was linked to a spear phishing attack against the Pentagon email system, shutting down the unclassified email system used by the Joint Chiefs of Staff office.
In August 2015, Fancy Bear used a zero-day exploit of Java, spoofing the Electronic Frontier Foundation and launched attacks against the White House and NATO. The hackers used a spear phishing attack, directing emails to the fraudulent url electronicfrontierfoundation.org.
In August 2016, the World Anti-Doping Agency reported a phishing attack against their users, claiming to be official WADA communications requesting their login details. The registration and hosting information for the two domains provided by WADA pointed to Fancy Bear.
In 2017, 76% of organizations experienced phishing attacks. Nearly half of information security professionals surveyed said that the rate of attacks had increased since 2016.
In November of 2017, Kazakhstan-born Canadian citizen Karim Baratov pleaded guilty to the massive 2014 Yahoo hack that affected three billion accounts and admitted to helping the Russian intelligence.
PhishLabs published new analysis in December 2017 showing that phishers have been adopting HTTPS more and more often on their sites.
A sextortion phishing campaign seen in July 2018 was the first to use recipient's actual hacked passwords in the emails to convince people that the hacking threat is real. Given the sheer volume of hacked and stolen personal data now available online, this is a big threat to watch out for in 2018.
Researchers at FireEye examined over half-a-billion emails sent between January and June 2018 and found that one in 101 emails are classed as outright malicious, sent with the goal of compromising a user or network.
Phishing campaigns during the partial U.S. government shut down in January 2019 caused widespread confusion over whether the IRS will be sufficiently operational to process tax returns and issue refunds.