CYBER SECURITY TERMINOLOGY EXPLAINED

What is Whaling?

A ‘Whaling attack’ targets high-profile executives in hopes of obtaining sensitive information or money by using social engineering methods to trick victims into performing certain actions, e.g., logging into a work portal. Given the elevated access to sensitive data and financial records, senior executives are the primary targets of this sort of cyberattack.

Differences between whaling and phishing

Phishing is the general term for a social engineering technique in which a cybercriminal uses email to manipulate victims into downloading malware or providing sensitive information. Whaling is a form of spear phishing (targeted phishing) in which the attack is focused on senior executives, on the view that these users have elevated access, which shortens the criminal’s path to profit.

Why does whaling happen?

A cybercriminal may launch a whaling attack for one or more of the following reasons:

  • Stealing sensitive data: This includes theft of high-value data, such as an employee’s social security number or customers’ personal financial information.
  • Stealing user credentials: The compromised user credentials can grant high-level permission to assets or data on the victims’ system. Additionally, criminals can use these credentials to launch a second whale phishing attack.
  • Planting malware: Cybercriminals entice victims to visit a malicious website or download a malicious file attachment to spread malware. Malware can gather personal information (browsing habits, login credentials, or financial data) and cause system crashes and data loss.

Consequences of whaling attacks on organisations:

  • Financial loss: Whether it’s money stolen by cybercriminals intercepting invoice payments, revenue lost due to disruption of operations, or regulatory fines, the impact can be significant to your business.
  • Reputational damage: Financial or data loss due to whaling attacks can erode a customer’s trust, especially if sensitive customer data is compromised.

What can I do to prevent whaling attacks?

  • Maintain a healthy amount of scepticism: When receiving unsolicited communication, keep an eye out for indications of a whaling attack, such as unusual or urgent requests, an unexpected message, or an external sender.
  • Implement verification measures: Require out-of-band checks for financial transactions and requests for sensitive information, such as a multi-person authorization process.
  • Cyber security awareness training: Educating employees on cyber threats and what actions they should take to avoid being another victim. Simulated attacks on staff can identify and address company security gaps.
  • Layers of defence: Ensure that there is sufficient control and alerting to stop the progression of an attack.
  • Remove and block any spam messages that you receive: To make this process easier, you can add antispam filters that identify and quarantine unwanted messages before they reach your inbox.
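As an added illustration (not code from the original page), the Python heuristics below apply two of the indicators listed above, an external sender and urgent wording, to a constructed message, together with display-name and Reply-To checks that mail filters commonly use against executive impersonation. The internal domain, the executive list, the keyword lists and the sample message are all assumptions made for this example.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumed organisation details (constructed for this example).
INTERNAL_DOMAIN = "example.com"
EXECUTIVES = {"jane doe": "jane.doe@example.com"}  # display name -> real address
URGENCY = re.compile(r"\b(urgent|immediately|asap|today|confidential)\b", re.I)
PAYMENT = re.compile(r"\b(wire|transfer|invoice|payment|gift cards?)\b", re.I)


def score_message(raw):
    """Return the whaling indicators found in one raw RFC 5322 message."""
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    reply_to = parseaddr(msg.get("Reply-To", ""))[1].lower()
    body = msg.get_payload() if not msg.is_multipart() else ""
    text = f"{msg.get('Subject', '')}\n{body}"
    flags = []
    if domain != INTERNAL_DOMAIN:
        flags.append("external sender")
    # Display name matches a known executive but the address does not.
    expected = EXECUTIVES.get(name.strip().lower())
    if expected and addr.lower() != expected:
        flags.append("display name impersonates an executive")
    # Replies are steered to a mailbox the sender domain does not control.
    if reply_to and reply_to.rpartition("@")[2] != domain:
        flags.append("reply-to differs from sender domain")
    if URGENCY.search(text):
        flags.append("urgent wording")
    if PAYMENT.search(text):
        flags.append("payment or transfer request")
    return flags


# Constructed sample: an impersonation of the CEO sent to the CFO.
SAMPLE = """From: Jane Doe <jane.doe@examp1e-mail.net>
Reply-To: ceo.office@freemail.example
To: cfo@example.com
Subject: Urgent wire transfer needed today

Please process the attached invoice immediately and keep this confidential.
"""

if __name__ == "__main__":
    for flag in score_message(SAMPLE):
        print("indicator:", flag)
```

Such heuristics only raise a score for review; they complement, rather than replace, sender authentication controls and the multi-person authorization step described above.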
