How Phishing Leads to Other Cyber Attacks? (Part 2)
The impact of phishing attacks is not just limited to personal data theft; they also serve as gateways for larger and more complex cyber threats. Cybercriminals steal sensitive user information through phishing and execute various advanced cyberattacks. This article explores some major cyberattacks and their effects in the Indian context.
Account Lockout Attack
Cybercriminals repeatedly enter incorrect passwords to lock the account, preventing the legitimate user from logging in.
Impact:
• Disruption of access to critical online services.
• Operational and financial losses for individuals or organizations.
Example: A phishing attacker steals your account credentials, such as username and password, and repeatedly makes failed login attempts to lock the account.
Juice Jacking Attack
Malware is installed on devices through tampered USB ports or cables at public charging stations.
Impact:
• Sensitive data may be stolen from the phone.
• The device can be fully hacked.
Example: Travelers at Delhi and Mumbai airports were warned not to use unfamiliar USB ports.
DoS/DDoS Attack
Websites or servers are overwhelmed with massive traffic, rendering them inaccessible.
Impact:
• Websites or servers become unavailable.
• Companies suffer significant financial losses.
Example: A recent Indian case in Karnataka involved a DDoS attack on the Kaveri 2.0 portal between January and February 2025, disrupting document registration and other services (Source: The Hindu)
Digital Arrest
Digital Arrest Through phishing emails or calls, people are threatened by cybercriminals pretending to be government officials.
Impact: Cases of blackmail and extortion causing mental and financial exploitation.
Example:
In Delhi, a cybercriminal impersonating a CBI officer sent a phishing email to a businessman demanding a ransom of ₹10 lakh.
Credential Stuffing
Stolen usernames and passwords are tried on other services to gain unauthorized access.
Impact:
• Multiple accounts can be hacked simultaneously.
• Theft of personal and financial data.
Example: In 2024, credential stuffing attacks on companies like Roku and Okta affected 591,000 accounts, granting attackers unauthorized access.
Cryptojacking
Cryptojacking Through phishing emails or malicious websites, cryptomining malware is installed on users' devices to mine cryptocurrency.
Impact: Device performance degrades, battery drains quickly, and power consumption increases.
Example: The 2023 "EleKtra-Leak" attack involved attackers mining Monero cryptocurrency using AWS credentials stolen from GitHub.
Deepfake Fraud
Videos or audio of a person are deepfaked using phishing and social engineering.
Impact:
• Risk of misinformation and entrapment of individuals.
• Financial fraud and identity theft.
Example:
In 2024, a deepfake attack involved a fake video call impersonating a CFO, resulting in a $25.6 million fraud.
Watering Hole Attack
Cybercriminals infect a popular website so that malware is installed on users' systems upon visiting.
Impact: Increased risk of major cyberattacks on organizations and government institutions.
Example: A watering hole attack was observed when a popular tech platform's website was infected. Malware spread to users' systems via malicious code, leading to the theft of sensitive data.
How to Stay Safe?
✅ Ignore suspicious emails and messages.
✅ Verify links before clicking.
✅ Enable two-factor authentication (2FA).
✅ Regularly update passwords.
✅ Avoid using public charging stations.
✅ Report cyber attacks to CERT-In or the cybercrime department.
Awareness and Participation
This blog has provided valuable information about cybersecurity, but it is equally important to recognize your responsibility. Stay vigilant to protect yourself, your family, friends, and your social circle from cyberattacks and cybercrimes. Share this blog with your friends, family, and community to spread awareness. Regularly update yourself on cybersecurity information and make others aware of it. Let’s work together to create a secure digital India.
Call to Action:
Contributors:
Authors: Gagan Deep & Saminder Kaur