Clone phishing is a social engineering fraud and a type of spear phishing. Spear phishing is the extraction of information from a targeted individual or company, mostly high profile. Clone phishing likewise targets specific individuals or organizations: a previous legitimate mail is copied (cloned) so that it looks almost identical to the original, and is then sent to the target with a corrupt link or attachment. The mail is spoofed to appear as if it came from the original sender, and it often poses as a resend of the original mail or an update to it.
Clicking on these links or opening these attachments puts the personal details of the target at risk. The links lead to malicious software that might wipe the computer clean, retrieve and duplicate the data on the disk, or gain complete access to the device itself. Clone phishing is not used only to extract money discreetly: with all the sensitive personal information obtained, the target might be blackmailed, extorted or exposed.
For example, recently, a group of Russian hackers attacked Route 53, one of Amazon Web Services’ cloud DNS services. The target was the Ethereum cryptocurrency wallet MyEtherWallet.com. The hackers intercepted the traffic to the cloud and led users straight to a phishing site through a corrupt link. When users clicked on the link, they were redirected to a clone of the website, where the hackers harvested their personal information. The hackers stole 215 Ether in the attack; the coins were valued at approximately $160,000.
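The cloning pattern described in the first paragraph (a near-identical copy of an earlier legitimate mail with a swapped link or attachment, posing as a resend) can be checked mechanically on the receiving side. The following is an added example, not code from the original article: the function `clone_indicators`, its finding names, the 0.85 similarity threshold and the sample messages are all assumptions made for illustration.

```python
import difflib, hashlib, re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

URL_RE = re.compile(r"https?://[^\s<>\"')]+")

def _parts(msg):
    """Return (plain-text body, {attachment name: sha256}) for a message."""
    body, files = "", {}
    for part in msg.walk():
        if part.is_multipart():
            continue
        data = part.get_payload(decode=True) or b""
        if part.get_filename():
            files[part.get_filename()] = hashlib.sha256(data).hexdigest()
        elif part.get_content_type() == "text/plain":
            body += data.decode("utf-8", "replace")
    return body, files

def _domain(msg, header):
    return parseaddr(msg.get(header, ""))[1].rpartition("@")[2].lower()
def _hosts(text):
    return {h for u in URL_RE.findall(text) if (h := urlsplit(u).hostname)}

def clone_indicators(original_raw, suspect_raw, threshold=0.85):
    """Added example: if suspect is a near-copy of a known-good mail, list swaps."""
    orig, susp = message_from_string(original_raw), message_from_string(suspect_raw)
    (obody, ofiles), (sbody, sfiles) = _parts(orig), _parts(susp)
    # Mask URLs first so the swapped link itself does not lower the score.
    a, b = URL_RE.sub("<url>", obody), URL_RE.sub("<url>", sbody)
    score = difflib.SequenceMatcher(None, a, b, autojunk=False).ratio()
    if not a.strip() or score < threshold:
        return []  # no text to compare, or not a copy of the reference mail
    reply = _domain(susp, "Reply-To")
    checks = [
        ("new_link_host", sorted(_hosts(sbody) - _hosts(obody))),
        ("changed_attachment", sorted(n for n, h in sfiles.items() if h not in ofiles.values())),
        ("reply_to_domain", reply if reply != _domain(orig, "From") else ""),
    ]
    return [(name, value) for name, value in checks if value]

# Constructed sample mail (not real traffic); example.test plays the look-alike.
BODY = "Hello,\n\nYour invoice 1042 is ready:\n{}\n\nRegards,\nBilling\n"
ORIGINAL = ("From: Billing <billing@example.com>\nSubject: Invoice 1042\n\n"
            + BODY.format("https://portal.example.com/invoices/1042"))
SUSPECT = ("From: Billing <billing@example.com>\nReply-To: billing@example.test\n"
           "Subject: Updated: Invoice 1042\n\n"
           + BODY.format("https://portal.example.test/invoices/1042"))
```

An empty result means the suspect is either not a copy of the reference mail or an unchanged copy; any finding on a near-copy is a reason to quarantine the message for review.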