Just got bump this terminology, The "whaling attack"

By -

So I got this recently a new terminology called as "Whaling Attack"?

Whaling attack is similarly same as with other phishing attack but its target is going to the big fish, which is the CEO, CFO, or COO in the company or in a large organization. Its purpose is to lure and deceive the victim using an e-mail or other multi-media sources that could lead the victim to think that this data is a valid information and that he/she is required to respond at least to the destination source where the attacker innovate to make thing it's a legit destination, for example an e-mail address, SMS, or maybe through a social media, which is actually kinda stupid to think of, but still a valid source.


In many whaling phishing attacks, the attacker's goal is to manipulate the victim into authorizing high-value wire transfers to the attacker. The term whaling stems from the size of the attacks, and the whales are thought to be picked based on their authority within the company.

Due to their highly targeted nature, whaling attacks are often more difficult to detect than standard phishing attacks. In the enterprise, security administrators can help reduce the effectiveness of whaling attacks by encouraging the corporate management staff to undergo information security awareness training.


How whaling attacks work?

The goal of a whaling attack is to trick an individual into disclosing personal or corporate information through social engineering, email spoofing and content spoofing efforts. For example, the attackers may send the victim an email that appears to be from a trusted source; some whaling campaigns include a customized malicious website that has been created especially for the attack.

Whaling attack emails and websites are highly customized and personalized, and they often incorporate the target's name, job title or other relevant information gleaned from a variety of sources. This level of personalization makes it difficult to detect a whaling attack.

Whaling attacks often depend on social engineering techniques, as attackers will send hyperlinks or attachments to infect their victims with malware or to solicit sensitive information. By targeting high-value victims, especially CEOs and other corporate officers, attackers may also induce them to approve fraudulent wire transfers using business email compromise techniques. In some cases, the attacker impersonates the CEO or other corporate officers to convince employees to carry out financial transfers.

These attacks can fool victims because attackers are willing to spend more time and effort constructing them due to their potentially high returns. Attackers will often use social media, such as Facebook, Twitter and LinkedIn, to gather personal information about their victim to make the whaling phishing attack more plausible.

Differences between phishing, whaling phishing and spear phishing

Because ordinary phishing attacks, whaling phishing attacks and spear phishing attacks are all online attacks on users in order to gain sensitive information or to social engineer the victim into taking some harmful action, the three are often confused.

A whaling attack is a special form of spear phishing that targets specific high ranking victims within a company. Spear phishing attacks can target any specific individual. Both types of attack generally require more time and effort on the part of the attacker than ordinary phishing attacks.

Phishing is a broader term that covers any type of attack that tries to fool a victim into taking some action, including sharing sensitive information, such as usernames, passwords and financial records for malicious purposes; installing malware; or completing a fraudulent financial payment or wire transfer. While ordinary phishing attacks usually involve sending emails to a large number of individuals without knowing how many will be successful, whaling phishing attacks usually target one specific individual at a time -- typically a high-ranking individual -- with highly personalized information.

Comments

Post a Comment

Popular posts from this blog

LVM: How to remove a volume using pvremove

By -
First, I encountered this error "Can't pvremove physical volume "/dev/sdc1" of volume group "nova-volumes" without -ff" (I'm actually using OpenStack but it's another story). So to remove this, do first, ~# pvscan   PV /dev/sdb1   VG nova-volumes    lvm2 [1.82 TiB / 1.82 TiB free]   PV /dev/sda5   VG cloudmaster     lvm2 [297.85 GiB / 12.00 MiB free]   PV /dev/sdc1                      lvm2 [1.82 TiB]   Total: 3 [3.93 TiB] / in use: 2 [2.11 TiB] / in no VG: 1 [1.82 TiB] Then, when I do, ~# pvremove /dev/sdc1  Can't pvremove physical volume "/dev/sdc1" of volume group "nova-volumes" without -ff So I need to, ~# vgreduce nova-volumes /dev/sdc1   Removed "/dev/sdc1" from volume group "nova-volumes" Then do `pvscan` again, ~# pvscan   PV /dev/sdb1   VG nova-volumes    lvm2 [1.82 TiB / 1.82 TiB free]   PV /dev/sda5   VG cloudmaster     lvm2 [297.85 GiB / 12.00 MiB free]   PV /dev/
Read more

Using Oracle 11g thru VirtualBox appliance in Mac OS X Lion

By -
Image
I just found that its quite a lot of handy work to make Oracle work in Mac OS X Lion. Currently, I have this quite cool machine with good memory anyway, so I decided to step the easy way, than the "too-much-time-to-work way". So, I just decided to use VirtualBox with Oracle's pre-built virtual appliance with Oracle 11g Enterprise Edition. To use this, I use the steps below. 1. Download VirtualBox at http://www.oracle.com/technetwork/database/enterprise-edition/databaseappdev-vm-161299.html 2. Download the virtual appliances at http://www.oracle.com/technetwork/database/enterprise-edition/databaseappdev-vm-161299.html then just follow the steps. 3. I added some specific ports, since I access it thru  NAT so whenever I am, it's easier for me just to hook up my virtual appliance and turn it on. So you can issue these command in your terminal, $> VBoxManage modifyvm "OTN Developer Days" --natpf1 "ssh,tcp,,2222,,22" $> VBoxManag
Read more

Use Shell Editor for Eclipse for editing bash, ksh, csh in Unix/Linux system

By -
Image
I found ShellEd when googling for any shell editor. It was trouble at first because there's no  how-to that directs me, where I expect to have a direct link that I can copy-en-paste to my Eclipse for installation. So what I did, I download ShellEd (as of this writing file version ShellEd-Update-2.0.0_M3.zip) from sourceforge.net and install, as required, the Linux Tools . After installing Linux Tools, I then locate thru archive the ShellEd zip file and install it successfully. It works good and I feel satisfied with this cool tool to be embedded in eclipse. The sample attached shell script is from JBoss twiddle. It does supports syntax highlighting, intellisense which is cool. Hope this helps.
Read more