Whaling Attack: What is it and how to stay protected?

• Whaling attack targets high-profile targets because they’re likely to possess access to more confidential data, intellectual property, and other sensitive information.
• Some whale phishing emails are also designed to approve fraudulent wire transfers.

What is a Whaling attack?

Whaling attack, also known as Whale phishing attack is a type of phishing attack that targets wealthy, prominent, and high-profile individuals such as CEOs, CFOs, and senior or high-level executives.

How does it work?

Whaling attack targets high-profile targets because they’re likely to possess access to more confidential data, intellectual property, and other sensitive information.

• In a whaling attack, a highly customized phishing email that includes the target’s name, job title, and other relevant information, is sent to the high-profile targets.
• The whaling emails include a link that redirects the targets to a phishing page that harvests the targets’ personal or corporate information.
• Some whale phishing emails are also designed to approve fraudulent wire transfers.

Due to their highly targeted nature, whaling attacks are often more difficult to detect than standard phishing attacks. This is because the sender's email address and the links used in the email are designed to look very legitimate.

Examples of a whaling attack

Example 1 - Snapchat fell victim to a whaling attack

In 2016, the payroll department at Snapchat received a whaling email that purported to come from the CEO asking for employee payroll information. In response to the email, the payroll staff disclosed all of the company’s payroll data to a scammer.

Example 2 - Mattel lost $3million in a whaling attack

Toy giant Mattel lost over $3 million after a senior finance executive fell victim to a whaling email attack. The email purported to come from the new CEO and requested a wire transfer.

Example 2 - Seagate suffered a whaling attack

Another similar incident happened in March 2016, when an executive at Seagate responded to a whaling email that requested the W-2 forms for all current and former employees. The incident resulted in a breach of income tax data for nearly 10,000 Seagate employees.

How to defend against whaling attacks?

• Experts recommend to never click links or attachments in emails that come from anonymous sources.
• It is best to not respond to any emails that ask for personal or financial information.
• It is always best to verify the legitimacy of the source before responding to an email.
• High-level executives should take extra caution when posting and sharing personal information on social media sites such as Facebook, Twitter, and LinkedIn.
• Security researchers recommend educating employees on how to identify phishing emails.
• It is highly recommended to implement a good anti-phishing software
• Another best way to detect whaling emails is by flagging emails that are sent from outside of the corporate network.