A whaling attack is a kind of spear-phishing attack aimed at bigger targets. Whale attackers are far more selective about the person they go after: an influencer, a high-level executive, or anyone in a position of authority. The criminals may impersonate a senior manager in the organization, such as the CFO or CEO, hoping to exploit that authority to obtain confidential data. They trick employees into replying with personal or financial details, and they plan their tactics carefully so that the request persuades people to fall into the trap.
How Do They Work And What Makes Them Successful?
Compared with ordinary spear-phishing attacks, whaling attacks demand more planning and research. Convincingly impersonating a high-profile target is not easy, and attackers take time to work out an approach that looks genuine. To build an attack plan, cyber criminals study public company information and social media profiles. They may also use rootkits and malware to infiltrate the network, and they craft the emails so that they appear to come from a trusted source.
The most effective phishing channel is still email; almost 98% of phishing attacks use it. In the past, these emails mainly relied on attachments or links carrying malware. With today's tooling, whale attackers can instead make a single request that looks entirely credible to the target. Keeping your IP addresses anonymous with private proxies can also help here.
Examples Of Whaling Attacks
In 2016, Snapchat's payroll data was leaked by an employee who responded immediately to an email that appeared to come from the CEO. Payroll and HR staff are soft targets for these attackers, since they have access to confidential data.
In another attack, an employee of a commodities firm wired $17.2 million in installments to a China-based bank. The email request appeared to have come from the CEO. At the time, the company was considering expansion of its business in China, so the request seemed credible enough.
How To Avoid A Whaling Attack
The same set of tactics used against a phishing attack also applies to a whaling attack. Here are a few things you should implement to avoid such attacks.
- Train your employees to identify phishing emails, and validate any request before responding.
- Call to confirm urgent queries that may seem suspicious.
- Highlight potential scam emails by flagging anything that comes from outside of the organization.
- Social media is a goldmine for whale phishers, because it exposes the personal and professional details they build their pretexts from. Discuss its use with the executive team.
- To reduce exposure of information that can be used in a social engineering scam, security experts suggest that executive team members enable proxies on their social media accounts.
- For internal or external requests for wire transfers or sensitive data, establish a multi-step verification process.
- Enforce data security and data protection policies to keep track of suspicious behavior and monitor email activity. Implement layered security across the enterprise to shield your organization against whaling attacks and any other sort of phishing attempt.
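The two mail-filtering controls in the list above (flagging anything that arrives from outside the organization, and catching a message whose display name matches an executive but whose address does not) can be implemented as a simple header check. The following is an added example written for this article, not code from any product; the internal domain, the executive directory and the two sample messages are constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed for this example: the organization's own domain and a
# directory mapping executive display names to their real addresses.
INTERNAL_DOMAIN = "example.com"
EXECUTIVES = {"jane doe": "jane.doe@example.com", "john roe": "john.roe@example.com"}
# Request types the article singles out: wire transfers and payroll data.
SENSITIVE_TERMS = ("wire transfer", "payroll", "w-2", "bank details")

def analyze_message(raw: str) -> list:
    """Return the warning flags raised by a raw RFC 5322 message."""
    msg = message_from_string(raw)
    flags = []
    display, addr = parseaddr(msg.get("From", ""))
    domain = addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""
    if domain != INTERNAL_DOMAIN:          # the "flag external mail" control
        flags.append("EXTERNAL_SENDER")
    real_addr = EXECUTIVES.get(display.strip().lower())
    if real_addr and addr.lower() != real_addr:   # CEO/CFO name on a foreign address
        flags.append("EXEC_DISPLAY_NAME_MISMATCH")
    _, reply_to = parseaddr(msg.get("Reply-To", ""))
    if reply_to and reply_to.lower() != addr.lower():  # replies diverted elsewhere
        flags.append("REPLY_TO_DIFFERS")
    # Collect plain-text bodies (handles both single-part and multipart mail).
    parts = msg.walk() if msg.is_multipart() else [msg]
    body = " ".join(p.get_payload() for p in parts if p.get_content_type() == "text/plain")
    text = (msg.get("Subject", "") + " " + body).lower()
    if any(term in text for term in SENSITIVE_TERMS):
        flags.append("SENSITIVE_REQUEST")
    return flags

# Constructed sample: an impersonation of the CEO aimed at the payroll team.
SPOOFED_MESSAGE = """From: Jane Doe <jane.doe@example-mail.net>
Reply-To: ceo.jane@freemail-example.org
To: payroll@example.com
Subject: Urgent: need all employee W-2 forms today

Please send the full payroll export to me directly.
"""
# Constructed sample: a genuine internal message from the same executive.
LEGIT_MESSAGE = """From: Jane Doe <jane.doe@example.com>
To: staff@example.com
Subject: Town hall next week

Reminder that the quarterly town hall is on Thursday.
"""

if __name__ == "__main__":
    print(analyze_message(SPOOFED_MESSAGE))  # all four flags
    print(analyze_message(LEGIT_MESSAGE))    # []
```

A message carrying two or more flags is a good candidate for the out-of-band phone confirmation recommended above rather than for automatic rejection.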