{"id":17404,"date":"2018-04-09T08:00:40","date_gmt":"2018-04-09T12:00:40","guid":{"rendered":"https:\/\/www.psafe.com\/en\/blog\/?p=17404"},"modified":"2022-04-28T08:50:46","modified_gmt":"2022-04-28T12:50:46","slug":"inside-a-whaling-attack-how-to-avoid-one","status":"publish","type":"post","link":"https:\/\/www.psafe.com\/en\/blog\/inside-a-whaling-attack-how-to-avoid-one\/","title":{"rendered":"Inside a Whaling Attack"},"content":{"rendered":"<p><span style=\"font-weight: 400;\">As phishing attacks continue to rise in volume, more and more companies are being hit with whaling attacks, which are large-scale scams that go after the personal information of employees, as well as the financial information of companies. Online scammers usually trick executives into revealing company information through emails or spoofed websites.<\/span><\/p>\n<p><b>Read More: <\/b><a href=\"https:\/\/www.psafe.com\/en\/blog\/hackers-control-smart-car-automotive\/\"><b>Hackers Might be able to Take Control of your Smart Car<\/b><\/a><\/p>\n<p><span style=\"font-weight: 400;\">Learn how whaling attacks works, why they work, and ways to avoid them.<\/span><\/p>\n<p><b>They Seem So Legitimate<br \/>\n<\/b><span style=\"font-weight: 400;\">Snapchat and Seagate have both fallen prey <\/span><a href=\"https:\/\/digitalguardian.com\/blog\/what-whaling-attack-defining-and-identifying-whaling-attacks\"><span style=\"font-weight: 400;\">to whaling attacks<\/span><\/a><span style=\"font-weight: 400;\"> in recent years. Part of the reason why they are successful is because they are highly personalized towards their target. For example, a fake email from a company executive might include the company logo, phone information and other details to trick the victim.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Whaling scams usually don\u2019t use hyperlinks with malicious software, but hackers occasionally use this route as well. Attackers gather information from the company by examining the personal data of an employee on Facebook, Twitter, LinkedIn and other social media sites that may reveal something about the person.<\/span><\/p>\n<p><b>Point-of-Sale Malware That Steals Data<br \/>\n<\/b><span style=\"font-weight: 400;\">One <\/span><a href=\"https:\/\/thehackernews.com\/2018\/02\/pos-malware-dns.html?utm_source=feedburner&amp;utm_medium=feed&amp;utm_campaign=Feed%3A+TheHackersNews+%28The+Hackers+News+-+Security+Blog%29&amp;_m=3n.009a.1680.kk0ao0bzne.10oc\"><span style=\"font-weight: 400;\">recent whaling attack<\/span><\/a><span style=\"font-weight: 400;\"> that hit a company is a point-of-sale (POS) scam that relies on User Datagram Protocol (UDP) DNS traffic to extract credit card information. Instead of relying on HTTP to scam users, UDPoS uses Domain Name System (DNS) queries to steal data.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The scam works because the malware masks itself as an update from LogMeIn, which is a legitimate remote desktop service that companies use to manage computers and other systems. However, this malware is not actually an update from LogMeIn, but masks itself in order to avoid detection through firewalls and other security measures and steal card payment data.\u00a0<\/span><\/p>\n<p><b>How to Avoid a Whaling Attack<br \/>\n<\/b><span style=\"font-weight: 400;\">Education is the key. Teach employees, senior management, and IT staff about whaling attacks. All staff should know how to differentiate real emails from spoofed ones, avoid unsolicited attachments, and discern fake hyperlinks. Conducting seminars on fake whaling attacks is a sound way to train employees. Another last measure for an IT department is to flag external emails if they\u2019re coming from outside the company.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">But, what can you do, personally? Try to enable safety settings on your private profiles so hackers can\u2019t discover specific details about you, like your date of birth or information about your friends. Finally, be very careful about having work documents on your home devices such as a laptop or smartphone. <\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Phishing attacks on a wider scale target large companies and you could be the next victim if you aren\u2019t careful.<\/p>\n","protected":false},"author":83,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_crdt_document":"","footnotes":""},"categories":[5],"tags":[259,182,9,545,249],"class_list":["post-17404","post","type-post","status-publish","format-standard","hentry","category-security","tag-hackers","tag-malware","tag-mobile","tag-safety","tag-security"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Inside a Whaling Attack: What it is and How to Avoid One<\/title>\n<meta name=\"description\" content=\"Here\u2019s what you should know about this type of cyber attack, who it targets, and ways to avoid falling prey to them before it\u2019s too late.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.psafe.com\/en\/blog\/inside-a-whaling-attack-how-to-avoid-one\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Inside a Whaling Attack: What it is and How to Avoid One\" \/>\n<meta property=\"og:description\" content=\"Here\u2019s what you should know about this type of cyber attack, who it targets, and ways to avoid falling prey to them before it\u2019s too late.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.psafe.com\/en\/blog\/inside-a-whaling-attack-how-to-avoid-one\/\" \/>\n<meta property=\"og:site_name\" content=\"PSafe Blog\" \/>\n<meta property=\"article:published_time\" content=\"2018-04-09T12:00:40+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-04-28T12:50:46+00:00\" \/>\n<meta name=\"author\" content=\"PSafe Newsroom\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/inside-a-whaling-attack-how-to-avoid-one\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/inside-a-whaling-attack-how-to-avoid-one\\\/\"},\"author\":{\"name\":\"PSafe Newsroom\",\"@id\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/#\\\/schema\\\/person\\\/1c3c9cd7f8f7ff5b8e8071d39226b99d\"},\"headline\":\"Inside a Whaling Attack\",\"datePublished\":\"2018-04-09T12:00:40+00:00\",\"dateModified\":\"2022-04-28T12:50:46+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/inside-a-whaling-attack-how-to-avoid-one\\\/\"},\"wordCount\":419,\"keywords\":[\"hackers\",\"malware\",\"Mobile\",\"safety\",\"security\"],\"articleSection\":[\"Security\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/inside-a-whaling-attack-how-to-avoid-one\\\/\",\"url\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/inside-a-whaling-attack-how-to-avoid-one\\\/\",\"name\":\"Inside a Whaling Attack: What it is and How to Avoid One\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/#website\"},\"datePublished\":\"2018-04-09T12:00:40+00:00\",\"dateModified\":\"2022-04-28T12:50:46+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/#\\\/schema\\\/person\\\/1c3c9cd7f8f7ff5b8e8071d39226b99d\"},\"description\":\"Here\u2019s what you should know about this type of cyber attack, who it targets, and ways to avoid falling prey to them before it\u2019s too late.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/inside-a-whaling-attack-how-to-avoid-one\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/inside-a-whaling-attack-how-to-avoid-one\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/inside-a-whaling-attack-how-to-avoid-one\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"In\u00edcio\",\"item\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Inside a Whaling Attack\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/\",\"name\":\"PSafe Blog\",\"description\":\"Articles and news about Mobile Security, Android, Apps, Social Media and Technology in general.\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/#\\\/schema\\\/person\\\/1c3c9cd7f8f7ff5b8e8071d39226b99d\",\"name\":\"PSafe Newsroom\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/0ce470a17403045075d8cd48a742ebd97c085f6d510cfd605fb223ba3fad770b?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/0ce470a17403045075d8cd48a742ebd97c085f6d510cfd605fb223ba3fad770b?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/0ce470a17403045075d8cd48a742ebd97c085f6d510cfd605fb223ba3fad770b?s=96&d=mm&r=g\",\"caption\":\"PSafe Newsroom\"},\"description\":\"The dfndr blog is an informative channel that presents exclusive content on security and privacy in the mobile and business world, with tips to keep users protected. Populated by a select group of expert reporters, the channel has a partnership with dfndr lab's security team. Together they bring you, first-notice news about attacks, scams, internet vulnerabilities, malware and everything affecting cybersecurity.\",\"url\":\"https:\\\/\\\/www.psafe.com\\\/en\\\/blog\\\/author\\\/newsroom-psafe\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Inside a Whaling Attack: What it is and How to Avoid One","description":"Here\u2019s what you should know about this type of cyber attack, who it targets, and ways to avoid falling prey to them before it\u2019s too late.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.psafe.com\/en\/blog\/inside-a-whaling-attack-how-to-avoid-one\/","og_locale":"en_US","og_type":"article","og_title":"Inside a Whaling Attack: What it is and How to Avoid One","og_description":"Here\u2019s what you should know about this type of cyber attack, who it targets, and ways to avoid falling prey to them before it\u2019s too late.","og_url":"https:\/\/www.psafe.com\/en\/blog\/inside-a-whaling-attack-how-to-avoid-one\/","og_site_name":"PSafe Blog","article_published_time":"2018-04-09T12:00:40+00:00","article_modified_time":"2022-04-28T12:50:46+00:00","author":"PSafe Newsroom","twitter_misc":{"Written by":false,"Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.psafe.com\/en\/blog\/inside-a-whaling-attack-how-to-avoid-one\/#article","isPartOf":{"@id":"https:\/\/www.psafe.com\/en\/blog\/inside-a-whaling-attack-how-to-avoid-one\/"},"author":{"name":"PSafe Newsroom","@id":"https:\/\/www.psafe.com\/en\/blog\/#\/schema\/person\/1c3c9cd7f8f7ff5b8e8071d39226b99d"},"headline":"Inside a Whaling Attack","datePublished":"2018-04-09T12:00:40+00:00","dateModified":"2022-04-28T12:50:46+00:00","mainEntityOfPage":{"@id":"https:\/\/www.psafe.com\/en\/blog\/inside-a-whaling-attack-how-to-avoid-one\/"},"wordCount":419,"keywords":["hackers","malware","Mobile","safety","security"],"articleSection":["Security"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.psafe.com\/en\/blog\/inside-a-whaling-attack-how-to-avoid-one\/","url":"https:\/\/www.psafe.com\/en\/blog\/inside-a-whaling-attack-how-to-avoid-one\/","name":"Inside a Whaling Attack: What it is and How to Avoid One","isPartOf":{"@id":"https:\/\/www.psafe.com\/en\/blog\/#website"},"datePublished":"2018-04-09T12:00:40+00:00","dateModified":"2022-04-28T12:50:46+00:00","author":{"@id":"https:\/\/www.psafe.com\/en\/blog\/#\/schema\/person\/1c3c9cd7f8f7ff5b8e8071d39226b99d"},"description":"Here\u2019s what you should know about this type of cyber attack, who it targets, and ways to avoid falling prey to them before it\u2019s too late.","breadcrumb":{"@id":"https:\/\/www.psafe.com\/en\/blog\/inside-a-whaling-attack-how-to-avoid-one\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.psafe.com\/en\/blog\/inside-a-whaling-attack-how-to-avoid-one\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.psafe.com\/en\/blog\/inside-a-whaling-attack-how-to-avoid-one\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"In\u00edcio","item":"https:\/\/www.psafe.com\/en\/blog\/"},{"@type":"ListItem","position":2,"name":"Inside a Whaling Attack"}]},{"@type":"WebSite","@id":"https:\/\/www.psafe.com\/en\/blog\/#website","url":"https:\/\/www.psafe.com\/en\/blog\/","name":"PSafe Blog","description":"Articles and news about Mobile Security, Android, Apps, Social Media and Technology in general.","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.psafe.com\/en\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.psafe.com\/en\/blog\/#\/schema\/person\/1c3c9cd7f8f7ff5b8e8071d39226b99d","name":"PSafe Newsroom","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/0ce470a17403045075d8cd48a742ebd97c085f6d510cfd605fb223ba3fad770b?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/0ce470a17403045075d8cd48a742ebd97c085f6d510cfd605fb223ba3fad770b?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/0ce470a17403045075d8cd48a742ebd97c085f6d510cfd605fb223ba3fad770b?s=96&d=mm&r=g","caption":"PSafe Newsroom"},"description":"The dfndr blog is an informative channel that presents exclusive content on security and privacy in the mobile and business world, with tips to keep users protected. Populated by a select group of expert reporters, the channel has a partnership with dfndr lab's security team. Together they bring you, first-notice news about attacks, scams, internet vulnerabilities, malware and everything affecting cybersecurity.","url":"https:\/\/www.psafe.com\/en\/blog\/author\/newsroom-psafe\/"}]}},"_links":{"self":[{"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/posts\/17404","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/users\/83"}],"replies":[{"embeddable":true,"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/comments?post=17404"}],"version-history":[{"count":4,"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/posts\/17404\/revisions"}],"predecessor-version":[{"id":17908,"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/posts\/17404\/revisions\/17908"}],"wp:attachment":[{"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/media?parent=17404"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/categories?post=17404"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.psafe.com\/en\/blog\/wp-json\/wp\/v2\/tags?post=17404"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}