What is a Whaling Attack?
Why company ‘Big Fish’ attacks can be hard to spot
Many of us are familiar with phishing emails: an attacker sends an email that appears to come from a trusted source. These are usually sent to large numbers of addresses in the hope of persuading a few recipients to disclose sensitive information (usernames, passwords and credit card details), often by luring them to a website created especially for the attack.
But what is whaling? So called because of the size of its target, whaling is a form of spear-phishing aimed at a specific, high-value individual, typically a senior executive or someone with authority over finance or HR, in order to steal sensitive company information such as the financial or personal details of employees.
Whaling emails and the websites they link to are harder to detect than a typical phishing attack because they are highly customised and personalised, often incorporating the target's name, job title or other relevant details that can easily be gleaned from places such as Facebook, LinkedIn and Twitter. Because whaling takes more time and effort to prepare, the emails often look entirely legitimate. As whaling has proved successful, the number of attacks has grown.
Many companies have fallen victim. In 2016 an employee in Snapchat's payroll department received an email impersonating the company's CEO and was tricked into sending payroll information about current and former employees to the attacker.
So what can companies do? Digital Guardian (digitalguardian.com) offers the following advice:
Train staff in what to look out for. Common characteristics of whaling attacks include spoofed sender names (a familiar display name on an unfamiliar address), unsolicited requests or attachments, and spoofed hyperlinks whose visible text differs from where they actually lead.
Make sure you have privacy restrictions on all online profiles. Think about what you are sharing and include as little personal information as possible, since it is exactly this information that makes a whaling email convincing.
Mark external emails. Flag emails that arrive from outside the corporate network. Whaling emails often attempt to impersonate people within the organisation, and a message claiming to be from the CEO that is tagged as external is much easier to spot.
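The three red flags above can be checked automatically at the mail gateway or in a triage script. The following is an added example, not code from the article or from Digital Guardian: it parses a raw email message and reports an external sender, an executive's display name on the wrong address, a Reply-To that diverts replies elsewhere, urgent payroll-style wording, and hyperlinks whose visible text points to a different host than their real target. The organisation's domain (example.com), the executive directory and the two sample messages are all constructed for the example.

```python
"""Heuristic whaling checks over a raw RFC 5322 message (constructed example)."""
import re
from email import policy
from email.parser import BytesParser
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumptions for the example: our own domain and a small directory of senior
# staff whose names an attacker is most likely to borrow.
INTERNAL_DOMAIN = "example.com"
EXECUTIVES = {"jane doe": "jane.doe@example.com"}

HREF_RE = re.compile(r'<a\s[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)
URL_IN_TEXT_RE = re.compile(r"https?://[^\s<]+", re.I)
URGENCY_RE = re.compile(
    r"\b(urgent|immediately|wire transfer|payroll|W-2|confidential)\b", re.I)


def _domain(addr: str) -> str:
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def is_external(msg) -> bool:
    """True when the From: domain is not ours; this is what gateways tag."""
    _, addr = parseaddr(msg["From"] or "")
    return _domain(addr) != INTERNAL_DOMAIN


def spoofed_sender_name(msg) -> list:
    """Flag an executive's display name on an address that is not theirs, and a
    Reply-To that would send the victim's answer to a different domain."""
    findings = []
    name, addr = parseaddr(msg["From"] or "")
    real = EXECUTIVES.get(name.strip().lower())
    if real and addr.lower() != real:
        findings.append(f"display name '{name}' but address {addr}")
    _, reply_to = parseaddr(msg["Reply-To"] or "")
    if reply_to and _domain(reply_to) != _domain(addr):
        findings.append(f"Reply-To domain {_domain(reply_to)} differs from "
                        f"From domain {_domain(addr)}")
    return findings


def spoofed_hyperlinks(html: str) -> list:
    """Flag anchors whose visible text is a URL on a different host than href."""
    findings = []
    for href, text in HREF_RE.findall(html):
        shown = URL_IN_TEXT_RE.search(text)
        if shown and urlparse(shown.group(0)).hostname != urlparse(href).hostname:
            findings.append(f"link text {shown.group(0)} -> {href}")
    return findings


def analyse(raw: bytes) -> dict:
    """Run all checks over one raw message and return the findings."""
    msg = BytesParser(policy=policy.default).parsebytes(raw)
    body_part = msg.get_body(preferencelist=("html", "plain"))
    body = body_part.get_content() if body_part else ""
    words = URGENCY_RE.findall(msg["Subject"] or "") + URGENCY_RE.findall(body)
    return {
        "external": is_external(msg),
        "sender": spoofed_sender_name(msg),
        "links": spoofed_hyperlinks(body),
        "urgency": sorted({w.lower() for w in words}),
        "attachments": [p.get_filename() for p in msg.iter_attachments()],
    }


def is_suspicious(report: dict) -> bool:
    """Sender spoofing or a deceptive link is enough on its own; urgent wording
    or attachments only count when the message also comes from outside."""
    return bool(report["sender"] or report["links"] or
                (report["external"] and (report["urgency"] or report["attachments"])))


# Constructed sample: look-alike domain, diverted Reply-To, deceptive link.
WHALING_SAMPLE = b"""From: Jane Doe <jane.doe@example-payroll.com>
Reply-To: ceo.office@mail-relay.net
To: finance@example.com
Subject: URGENT: payroll export needed today
MIME-Version: 1.0
Content-Type: text/html; charset=utf-8

<p>Please send the W-2 data for all staff before noon. Use the portal:
<a href="http://198.51.100.7/login">https://hr.example.com/portal</a></p>
"""

# Constructed sample: a genuine internal message that should not be flagged.
CLEAN_SAMPLE = b"""From: Jane Doe <jane.doe@example.com>
To: finance@example.com
Subject: Lunch on Thursday
Content-Type: text/plain; charset=utf-8

See you at noon.
"""

if __name__ == "__main__":
    for raw in (WHALING_SAMPLE, CLEAN_SAMPLE):
        r = analyse(raw)
        print("SUSPICIOUS" if is_suspicious(r) else "ok", r)
```

The display-name check is the one that catches the Snapchat-style case: the attacker can choose any name they like, but unless they control the executive's real mailbox the address behind it will not match. The Reply-To check matters because many gateways only inspect From:, while the victim's reply goes wherever Reply-To points.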