What is Whaling in cyber security?

Whaling in cyber security is one of the types of phishing attacks directed at high-level executives where attackers act as legitimate, trustworthy, and reputable and persuade a victim to share highly sensitive information with a fraudulent account.

How does Whaling in cyber security work?

The difference between phishing and whaling is that whaling attacks must be tailored to their particular targets. Therefore, high-level managers and executives are the main targets of these attacks. More often, the role of these individuals within an organisation has the power or ability to access credentials which is the incentive for hackers. Hackers often send an email that looks and feels like a legitimate email from a trusted source.

The primary purpose of a whaling attack for attackers is typically to steal money, data or access to the network. In a whaling attack, hackers may send an email that appears to be authentic and comes from a reliable source, typically a contact within the business or with a partner or a vendor.

A whaling email includes sufficient personal information from online research to persuade the victims that it is authentic. Whaling attacks may also require users to click on a link that takes them to a fraudulent website that looks just like the official one. Then victims may be encouraged to share their sensitive data like payroll information, tax returns or bank account numbers. Also, they may be asked to authorise a wire transfer to a bank account that turns out to be fraudulent where their personal data can be collected.

How to recognise a Whaling attack? 

A whaling attack is more difficult to recognise than a standard phishing attack, as attackers usually spend more time making email communications and websites look legitimate.

Whaling attacks in cyber security examples include:

• An email address from the sender that does not exactly match the domain of the organisation. For example, attackers frequently replace an “m” in a domain name with an “r” and an “n” or “rn” to trick the recipient.
• An urgent request to share sensitive information
• An urgent request to transfer the money to another account.
• A threat of adverse consequences

Measures against Whaling attacks:

• Flagging Emails: Flagging emails, especially from external sources, can help to highlight these attacks and make them easier to detect.
• Install antivirus software and antimalware: Whaling attacks are generally designed to install malware on a high-level management staff’s computer. Ensuring that antivirus and antimalware protection are installed and kept up-to-date is the key way to against whaling.
• Email Security Solutions: Installing updated email security solutions can detect warning signs of a whaling attack and block suspicious emails from reaching the target inbox.

Swiftcomm, as a professional IT support provider, has developed an email security solution that detects whaling and other phishing techniques and provides strong protection against various email-based attacks.