Whaling in cyber security is a type of phishing attack directed at high-level executives, in which attackers pose as a legitimate, trustworthy and reputable party and persuade the victim to share highly sensitive information with a fraudulent account.
The difference between phishing and whaling is that whaling attacks are tailored to their particular targets; high-level managers and executives are therefore the main targets of these attacks. More often than not, the role of these individuals within an organisation gives them the authority or ability to access credentials, which is the incentive for hackers. Hackers often send an email that looks and feels like a legitimate email from a trusted source.
The primary purpose of a whaling attack is typically to steal money, data or access to the network. In a whaling attack, hackers may send an email that appears authentic and seems to come from a reliable source, typically a contact within the business, a partner or a vendor.
A whaling email includes enough personal information, gathered from online research, to persuade the victim that it is authentic. Whaling attacks may also require the user to click on a link that leads to a fraudulent website that looks just like the official one. Victims may then be encouraged to share sensitive data such as payroll information, tax returns or bank account numbers. They may also be asked to authorise a wire transfer to a bank account that turns out to be fraudulent, where their personal data can be collected.
A whaling attack is more difficult to recognise than a standard phishing attack, as attackers usually spend more time making email communications and websites look legitimate.
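The signals described above (an executive's name on an external address, a sender domain that imitates the organisation's own, a Reply-To that points somewhere else, and wire-transfer or payroll wording) can be turned into a simple inbound-mail screener. The following is an added example written for this page, not code from the original article or from Swiftcomm; the corporate domain, executive names, lure phrases and the three sample messages are all constructed for illustration, and the scoring weights and threshold are assumptions to be tuned against real traffic.

```python
"""Heuristic screener for executive-impersonation ("whaling") e-mail.

Added example, not part of the original article. Organisation data, lure
phrases, weights and sample messages are constructed assumptions.
"""
import re
from email.utils import parseaddr

# Assumed organisation data (constructed): the real corporate domain and the
# executives whose names an attacker would be most likely to borrow.
CORP_DOMAIN = "example.com"
EXECUTIVES = {
    "jane doe": "jane.doe@example.com",
    "alex lee": "alex.lee@example.com",
}

# Wording typical of a wire-transfer or credential-request lure (constructed list).
LURE_PATTERNS = [
    r"\bwire transfer\b", r"\bbank account\b", r"\bpayroll\b",
    r"\btax return", r"\burgent(ly)?\b", r"\bconfidential\b",
]


def levenshtein(a, b):
    """Edit distance, used to spot lookalike domains such as examp1e.com."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def domain_of(addr):
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def score_message(msg):
    """Score a message dict (keys From, Reply-To, Subject, Body); returns (score, reasons)."""
    reasons, score = [], 0
    name, addr = parseaddr(msg.get("From", ""))
    sender_domain = domain_of(addr)

    # 1. Display name matches an executive, but the address is not that executive's.
    exec_addr = EXECUTIVES.get(name.strip().lower())
    if exec_addr and addr.lower() != exec_addr:
        score += 3
        reasons.append(f"display name '{name}' matches an executive but address is {addr}")

    # 2. Sender domain is a near miss of the corporate domain.
    if sender_domain and sender_domain != CORP_DOMAIN and levenshtein(sender_domain, CORP_DOMAIN) <= 2:
        score += 3
        reasons.append(f"lookalike sender domain {sender_domain}")

    # 3. Reply-To directs answers to a different domain than the visible sender.
    _, reply = parseaddr(msg.get("Reply-To", ""))
    if reply and domain_of(reply) != sender_domain:
        score += 2
        reasons.append(f"Reply-To domain {domain_of(reply)} differs from sender domain")

    # 4. Lure wording in the subject or body, one point per distinct phrase.
    text = (msg.get("Subject", "") + " " + msg.get("Body", "")).lower()
    hits = [p for p in LURE_PATTERNS if re.search(p, text)]
    if hits:
        score += len(hits)
        reasons.append(f"{len(hits)} lure phrase(s) matched")
    return score, reasons


def is_suspicious(msg, threshold=4):
    """Threshold of 4 is an assumption; tune it on real mail flow."""
    return score_message(msg)[0] >= threshold


# Constructed sample messages: an impersonation lure, a genuine note, and a
# vendor-style payment-change request with a mismatched Reply-To.
SAMPLE_MESSAGES = [
    {"From": "Jane Doe <jane.doe@examp1e.com>", "Reply-To": "",
     "Subject": "Urgent wire transfer",
     "Body": "Please authorise a wire transfer to the bank account below. Keep confidential."},
    {"From": "Jane Doe <jane.doe@example.com>", "Reply-To": "",
     "Subject": "Board deck", "Body": "Attached are the slides for Thursday."},
    {"From": "Accounts Payable <ap@vendor-partner.net>",
     "Reply-To": "ap-vendor@mailbox-free.example",
     "Subject": "Updated bank account for payroll",
     "Body": "Our bank account has changed; please update payroll records urgently."},
]

if __name__ == "__main__":
    for m in SAMPLE_MESSAGES:
        s, why = score_message(m)
        print(f"{s:2d} {'SUSPICIOUS' if is_suspicious(m) else 'ok'} {m['Subject']!r}: {why}")
```

Each heuristic on its own produces false positives (executives do use personal addresses, vendors do change bank details), which is why the checks are combined into a score rather than treated as individual blocks; in practice the authentication results (SPF, DKIM, DMARC) would be added as a further input and a high score would route the message for human review rather than silent deletion.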
Examples of whaling attacks in cyber security include:
Swiftcomm, as a professional IT support provider, has developed an email security solution that detects whaling and other phishing techniques and provides strong protection against various email-based attacks.