Security

Inside a Whaling Attack

As phishing attacks continue to rise in volume, more and more companies are being hit with whaling attacks, which are large-scale scams that go after the personal information of employees, as well as the financial information of companies. Online scammers usually trick executives into revealing company information through emails or spoofed websites.

Read More: Hackers Might be able to Take Control of your Smart Car

Learn how whaling attacks works, why they work, and ways to avoid them.

They Seem So Legitimate
Snapchat and Seagate have both fallen prey to whaling attacks in recent years. Part of the reason why they are successful is because they are highly personalized towards their target. For example, a fake email from a company executive might include the company logo, phone information and other details to trick the victim.

Whaling scams usually don’t use hyperlinks with malicious software, but hackers occasionally use this route as well. Attackers gather information from the company by examining the personal data of an employee on Facebook, Twitter, LinkedIn and other social media sites that may reveal something about the person.

Point-of-Sale Malware That Steals Data
One recent whaling attack that hit a company is a point-of-sale (POS) scam that relies on User Datagram Protocol (UDP) DNS traffic to extract credit card information. Instead of relying on HTTP to scam users, UDPoS uses Domain Name System (DNS) queries to steal data.

The scam works because the malware masks itself as an update from LogMeIn, which is a legitimate remote desktop service that companies use to manage computers and other systems. However, this malware is not actually an update from LogMeIn, but masks itself in order to avoid detection through firewalls and other security measures and steal card payment data. 

How to Avoid a Whaling Attack
Education is the key. Teach employees, senior management, and IT staff about whaling attacks. All staff should know how to differentiate real emails from spoofed ones, avoid unsolicited attachments, and discern fake hyperlinks. Conducting seminars on fake whaling attacks is a sound way to train employees. Another last measure for an IT department is to flag external emails if they’re coming from outside the company.

But, what can you do, personally? Try to enable safety settings on your private profiles so hackers can’t discover specific details about you, like your date of birth or information about your friends. Finally, be very careful about having work documents on your home devices such as a laptop or smartphone.

PSafe Newsroom

The dfndr blog is an informative channel that presents exclusive content on security and privacy in the mobile and business world, with tips to keep users protected. Populated by a select group of expert reporters, the channel has a partnership with dfndr lab's security team. Together they bring you, first-notice news about attacks, scams, internet vulnerabilities, malware and everything affecting cybersecurity.

Recent Posts

Why Updating Android Helps Protect Your Phone, Even When Nothing Looks Different

Have you ever put off an Android update because you figured nothing would really change…

57 years ago

Your Phone Knows Where You’ve Been. Here’s Why That Matters More Than Ever

Do you know how many places your phone can remember from just one ordinary week?…

57 years ago

Does Changing Your Password Every Week Make Your Account Safer? Myth or Fact

You’ve probably heard that changing your password every week is a smart way to keep…

57 years ago

What Happens When You Tap “Allow” on an Android App?

You install a new app, open it for the first time, and the screen pops…

57 years ago

5-Minute Monthly Phone Check: What to Review on Android

You unlock your phone to answer a quick text and, without even noticing it, pass…

57 years ago

What Happens to Your Data After You Close an App?

You open an app to order food, check your bank balance, chat with friends, or…

57 years ago