Skip to content
Real-life Appplications for ChallengeWord

Case Studies

#Banking #Smishing #Vishing #SIMSwapping #SS7

Metro Bank Smishing & Vishing Attack

In early 2019, Metro Bank, a UK-based financial institution, found itself at the center of one of the most sophisticated social engineering attacks in banking history. Cybercriminals leveraged a lethal combination of smishing, vishing, SIM swapping, and telecom vulnerabilities to bypass security measures and siphon funds from unsuspecting customers.

Read More

Industry & Location
  • Banking Industry
  • Financial Institutions
  • United Kingdom
Technology & Attack
  • Smishing
  • Vishing
  • SIM Swapping
  • SS7 Exploit

 

Damage
  • Thousands of customer dollars
  • Loss of organization reputation
ChallengeWord Solution
  • Smishing & Vishing protection
  • Works with MFA for additional defense
#Energy #AI #Vishing

AI Powered Social Engineeering

March 2019, a UK-based energy firm fell victim to an unprecedented cyberattack where fraudsters used AI-generated deepfake audio to impersonate the voice of the company's CEO. The deepfake technology mimicked the CEO's voice with striking accuracy, replicating not only the tone and inflection but also the subtle nuances that would ordinarily be recognized by employees.

Read More

Industry & Location
  • Energy Sector
  • United Kingdom
Technology & Attack
  • Vishing
  • Deepfake
  • Voice mimicking
  • Artificial Intelligence

 

Damage
  • $243,000
  • Loss of organization reputation
ChallengeWord Solution
  • Deepfake & AI identity hacking protection
  • Vishing protection
  • Secure personal verification
#SocialMedia #Vishing #Bitcoin

2020 Twitter Hack

On July 15, 2020, several high-profile Twitter accounts, including those of prominent figures like Elon Musk, Barack Obama, Bill Gates, and Kanye West, were compromised. The hijacked accounts were used to post a Bitcoin scam, promising to double any payments sent to a specific cryptocurrency wallet. Attackers used a Vishing scheme to deceive employees into revealing credentials that allowed them to access Twitter’s internal tools.

Read More

Industry & Location
  • Social media
  • United States
Technology & Attack
  • Vishing
  • Cryptocurrency
  • 2FA 
  • Brand Architecture
Damage
  • $100,000 in Bitcoin within hours
  • Damage to high-profile account holders' reputations
ChallengeWord Solution
  • Vishing protection
  • External security breach protection
#Casinos #Hospitality #SocialEngineering #Ransomware

MGM Social Engineering Hack

Attackers managed to trick an MGM IT employee into resetting their login credentials by impersonating an employee. This allowed the attackers to infiltrate MGM's network and gain access to sensitive data & systems. Once inside, the attackers deployed ransomware, encrypting critical systems and demanding a ransom for their release. This paralyzed MGM's operations including its reservation systems, casino floors, and even digital room keys.

Read More

Industry & Location
  • Casino
  • Hospitality
  • Las Vegas, Nevada
Technology & Attack
  • Vishing
  • Impersonation
  • Ransomware
  • Data encryption
Damage
  • $145,000,000
  • Decrease in operations for 10 days
  • Security & reliability damage
ChallengeWord Solution
  • Impersonation protection
  • Prevent vishing scams
  • Decrease ransomware attacks from social engineering