Cyber whaling is a form of phishing aimed at the senior-most executives and other people in positions of power within an organization. Attackers pick their "whales" based on the target's level of seniority and authority in the company.
The targeted group of whale phishing attacks is usually the CEOs and CFOs of an organization. In 2014, it was reported that about $215 million was lost by organizations in the US. Over the next three years, the value of these attacks rose by about 200% as of 2017. At that rate of growth, the rise in whaling attacks is quite alarming.
Let us start by first understanding the whaling email definition.
Whale phishing is a technique where attackers adopt innovative methods to reach high-profile targets in an organization. Since the targeted group consists of the most educated, experienced and security-aware senior people in the company, attackers know that they cannot rely on the same old tried-and-tested phishing methods.
Whale phishing, also widely known as CEO Fraud, spoofs email addresses just as ordinary phishing does, but to trick a specific, narrowly chosen group of targets.
The attacker's technique is to craft a whaling email that gives the recipient the impression that it comes from someone they know. This is a form of social engineering. The email appears so genuine and trustworthy that the recipient usually does not doubt its credibility. Whaling attackers build this credibility from personal information they gather about the target from social media accounts and other public online profiles.
What makes the whaling cyber attacks dangerous is that the attacker, pretending to be a trusted and known person of the receiver, asks for sensitive data that is related to employee records like payroll, or personal data like requesting the recipient to authorize a bank transfer. In some cases, the attacker sends a link via the email which when clicked instantly gets malware installed on the receiver’s computer.
What makes a whaling email so effective is that the attacker is well informed and behaves like someone very close to the recipient. Here are a few examples of how whaling online fraud is aimed at the top executives with the potential to make a deep dent in organizations.
2. Security training programs
The meaning and significance of whale phishing should be conveyed through awareness training programs explicitly curated for the whaling targets in the organization. The program should highlight the kind of information this target group shares on social media accounts, since that is what attackers use to build a convincing pretext.
3. Review existing policies
Companies must have consistent in-house policies and must keep reviewing their existing SOPs for financial transfers and for the sharing of sensitive information and data. There also needs to be a clear-cut procedure for handling urgent requests from senior management and executives, so that urgency alone cannot bypass verification.
4. Security software to defend against whale phishing
There are several options for making your systems stronger and more secure. Installing anti-spam, anti-phishing and anti-malware software helps block malicious emails; the latest email scanning programs can be deployed; anti-impersonation technology can stop attacks that carry no malware at all; and DNS-based email authentication can be used to verify legitimate sending domains and sources.
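As an added illustration (not code from the original article), the checks below flag the impersonation indicators the text describes: an executive's display name on an address outside the company domain, a Reply-To that differs from the sender, and a missing DMARC pass from the DNS authentication layer. The organisation domain, executive list and both sample messages are constructed for the example.

```python
import email
from email import policy
from email.utils import parseaddr
from typing import List

# Constructed assumptions: the organisation's own domain and the executives
# whose names a whaling email is most likely to borrow.
ORG_DOMAIN = "example.com"
EXECUTIVES = {"jane doe": "jane.doe@example.com"}

# Constructed sample: CEO's display name on a free-mail address, a different
# Reply-To, and a failing DMARC result recorded by the receiving gateway.
SAMPLE_WHALING = """\
From: Jane Doe <jane.doe.ceo@freemail-example.net>
Reply-To: finance-desk@freemail-example.net
To: cfo@example.com
Authentication-Results: mx.example.com; dmarc=fail header.from=freemail-example.net
Subject: Urgent wire transfer

Please process a wire today and keep it confidential.
"""

# Constructed sample: a genuine internal message that passes DMARC.
SAMPLE_LEGIT = """\
From: Jane Doe <jane.doe@example.com>
To: cfo@example.com
Authentication-Results: mx.example.com; dmarc=pass header.from=example.com
Subject: Board pack

Attached is the agenda for Thursday.
"""

def whaling_indicators(raw: str) -> List[str]:
    """Return the impersonation indicators found in a message's headers."""
    msg = email.message_from_string(raw, policy=policy.default)
    name, addr = parseaddr(str(msg.get("From", "")))
    _, reply_to = parseaddr(str(msg.get("Reply-To", "")))
    domain = addr.rsplit("@", 1)[-1].lower()
    findings = []
    # 1. Known executive's display name on an address other than their real one
    if name.lower() in EXECUTIVES and addr.lower() != EXECUTIVES[name.lower()]:
        findings.append("executive display name on unexpected address")
    # 2. Sender domain is outside the organisation
    if domain != ORG_DOMAIN:
        findings.append("external sender domain")
    # 3. Replies would go somewhere other than the apparent sender
    if reply_to and reply_to.lower() != addr.lower():
        findings.append("reply-to differs from from")
    # 4. DNS authentication (DMARC) did not pass at the gateway
    if "dmarc=pass" not in str(msg.get("Authentication-Results", "")).lower():
        findings.append("dmarc not passed")
    return findings
```

A gateway rule or mailbox add-in would route any message with one or more findings to a verification queue rather than to the executive's inbox.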
Comparing spear-phishing and whaling attacks online
Spear phishing and whaling are similar in that both are targeted forms of online attack by cybercriminals, and both rely on the method popularly called social engineering.
There is, however, a difference between the two. Whale phishing is defined by the particular group it targets: it is a specialized form of spear phishing that victimizes only high-profile top executives, senior management, or other key people in an organization. Spear phishing, by contrast, is aimed at ordinary individuals.
A significant similarity between both the attacks is that both need to be planned well by the attacker. Unlike ordinary online attacks, here the attacker needs to work hard in preparing a convincing plot. It takes time.
A suspected whale phishing attack calls for immediate action. One of the first steps is to disconnect the affected computer from the internet and the local network. Your IT department then needs to work through a sequence of activities: warning the other whaling targets in the organization, scanning the system for malware, and reporting the attack to the cybersecurity cell.
Whaling attacks are common now, and the threat is looming large. This is why it is essential that all the key departments and people stay alert and aware, always.