
Inside a Whaling Attack

As phishing attacks continue to rise in volume, more and more companies are being hit by whaling attacks: large-scale scams that go after the personal information of employees as well as the financial information of companies. Online scammers usually trick executives into revealing company information through emails or spoofed websites.

Learn how whaling attacks work, why they work, and ways to avoid them.

They Seem So Legitimate
Snapchat and Seagate have both fallen prey to whaling attacks in recent years. Part of the reason these attacks succeed is that they are highly personalized to their target. For example, a fake email from a company executive might include the company logo, phone information and other details to trick the victim.

Whaling scams usually don’t use hyperlinks to malicious software, but hackers occasionally take this route as well. Attackers gather information about the company by examining the personal data of an employee on Facebook, Twitter, LinkedIn and other social media sites that may reveal something about the person.

Point-of-Sale Malware That Steals Data
One recent whaling attack that hit a company is a point-of-sale (POS) scam, known as UDPoS, that relies on User Datagram Protocol (UDP) DNS traffic to extract credit card information. Instead of relying on HTTP to scam users, UDPoS uses Domain Name System (DNS) queries to steal data.

The scam works because the malware disguises itself as an update from LogMeIn, a legitimate remote desktop service that companies use to manage computers and other systems. It is not actually an update from LogMeIn; the disguise lets it avoid detection by firewalls and other security measures and steal card payment data.

How to Avoid a Whaling Attack
Education is the key. Teach employees, senior management, and IT staff about whaling attacks. All staff should know how to differentiate real emails from spoofed ones, avoid unsolicited attachments, and discern fake hyperlinks. Conducting seminars on fake whaling attacks is a sound way to train employees. A final measure for an IT department is to flag emails that come from outside the company.

But what can you do personally? Try to enable safety settings on your private profiles so hackers can’t discover specific details about you, like your date of birth or information about your friends. Finally, be very careful about having work documents on your home devices such as a laptop or smartphone.
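As an added example (not from the original article), here is one way a mail gateway could implement the external-email flag suggested above for IT departments, and also catch an outside sender using an executive's display name. The domain, the executive names and the sample messages are assumptions made up for the illustration; the check reads only the From header, so it assumes the gateway already rejects mail that forges the company's own domain.

```python
from email import message_from_string
from email.utils import parseaddr

# Assumed values for this example: the company's mail domains and executive names.
INTERNAL_DOMAINS = {"example.com"}
EXECUTIVES = {"jane doe", "john smith"}
TAG = "[EXTERNAL]"

# Constructed sample messages (not real mail).
SPOOFED = (
    "From: Jane Doe <jane.doe@examp1e-mail.com>\n"
    "Subject: Urgent wire transfer\n\nPlease pay today.\n"
)
INTERNAL = (
    "From: Jane Doe <jane.doe@example.com>\n"
    "Subject: Q3 numbers\n\nSee attached.\n"
)


def classify(raw_message: str) -> dict:
    """Return the sender's status and the subject line the gateway would deliver."""
    msg = message_from_string(raw_message)
    display_name, address = parseaddr(msg.get("From", ""))
    # Text after the last "@"; an empty or missing From yields "" and counts as external.
    domain = address.rpartition("@")[2].lower()
    external = domain not in INTERNAL_DOMAINS
    # An outside address carrying an executive's display name is the whaling pattern.
    impersonation = external and display_name.strip().lower() in EXECUTIVES
    subject = msg.get("Subject", "")
    if external and not subject.startswith(TAG):
        subject = f"{TAG} {subject}"
    return {"external": external, "impersonation": impersonation, "subject": subject}


if __name__ == "__main__":
    for name, raw in (("spoofed", SPOOFED), ("internal", INTERNAL)):
        print(name, classify(raw))
```
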

PSafe Newsroom
