'Whaling' threats target the big fish of the corporate world

Whaling has increasingly been in the news thanks to the ingenious ways a new breed of phishermen collect data to carry out scams and the move towards targeting business networking sites.

The proliferation and popularity of collaborative Web 2.0 sites – there are around 250,000 new registrations to Facebook everyday – has changed the threat landscape and the way businesses need to think about security. Each year, newer technologies and weapons are being unleashed to leave Web users surprised, annoyed and at greater risk.‘Whaling’ or ‘spear phishing’, is one such threat and refers to phishing scams which specifically target high-worth individuals.

According to a recent report by iDefense Labs , a noted security and vulnerability research organization, there were 66 distinct spear phishing attacks in the US between February 2007 and June 2008, with the rate of attacks continuing to accelerate. The report goes on to say that spear phishing groups have claimed more than 15,000 corporate victims in 15 months, with victims’ losses exceeding US$100,000 in some cases. Victims include Fortune 500 companies, financial institutions, government agencies and legal firms.

Whaling scams leverage social engineering techniques and contain personal details to trick individuals into thinking the e-mail is genuine. This is an evolution from simple phishing, where e-mails are sent at random, to a much more targeted approach, whereby victims are picked according to their status and supposed wealth. Scammers target these high-level executives through their work e-mail addresses to improve their credibility and include information such as a direct dial telephone number or job title. By making the e-mails seem legitimate rather than looking obviously like spam, these whalers are hoping executives will disclose their bank details and home addresses or will click a link to install malware on their computer.

To emphasise how organised whaling is becoming and the seriousness of the matter, it has been proven that over 95 per cent of whaling attacks are known to have been carried out by just two independent criminal groups . One installs a Browser Helper Object and the other installs a keylogger, both of which perform man-in-the-middle attacks, capable of defeating two-factor authentication. This would involve overcoming two safeguards, such as a password and random memorable security token number.

Join the CSO newsletter!

Error: Please check your email address.

Tags whaling

More about Clearswift Asia PacificetworkFacebookiDefenseMicrosoftVigilance

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Pete Simpson

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts