close_game
close_game

Received an email from your company CEO? Beware, this could be a ‘whaling attack’

By, New Delhi
Nov 29, 2023 05:06 PM IST

‘Whaling’ is a sophisticated form of cybercrime through which cybercriminals target high-profile or senior executives of a company, by posing as its CEO.

A ‘whaling attack’ is a sophisticated form of cybercrime in which cybercriminals target high-profile or senior executives of a company, with an aim to deceive them into revealing sensitive company information or to make them transfer money.

Representational Image
Representational Image

How is whaling different from other methods of cybercrime?

Whaling differs from phishing scams in that the latter targets non-specific individuals. ‘Spear-phishing,’ on the other hand, is similar to a whaling attack in that both target particular individuals.

Whaling, however, goes a step further, with criminals impersonating the company CEO or senior manager so that the victim has no option but to reveal the information the ‘CEO’ wants them to.

Any alternative name for whaling?

For the aforementioned reason, it is also sometimes referred to as a ‘CEO fraud.’ It is called ‘whaling’ because those targeted are ‘big phish (fish)' or ‘whales,’ as are those under whose names the emails are being sent (without their knowledge, of course) to the victims.

What methods are deployed for whaling?

Email spoofing (crafting convincing emails so that these appear to have been sent by the real CEO); social engineering (to gather information about the target so as to personalise the message); and impersonation.

How to prevent a whaling attack?

This can be done by educating employees about such an attack and training them to recognise suspicious requests. Other methods include a multi-factor authentication (MFA) for extra level of protection for sensitive accounts; email authentication protocols, regular security audits, and an incident response plan.

Any recent incident of whaling?

In 2016, a Snapchat HR employee was tricked into revealing payroll information of ‘some current and former staffers.’ More recently, as many as six cases were reported from Pune last year, including one involving global vaccine major Serum Institute of India (SII).

Recommended Topics
Share this article
Don’t Miss the Amazon Great Republic Day Sale 2025!
Discover unbelievable discounts on laptops, TVs, washing machines, refrigerators, and more. Celebrate Republic Day with massive savings on home appliances, furniture, gadgets, beauty & health essentials, and more during Amazon sale.
See More
Don’t Miss the Amazon Great Republic Day Sale 2025!
Discover unbelievable discounts on laptops, TVs, washing machines, refrigerators, and more. Celebrate Republic Day with massive savings on home appliances, furniture, gadgets, beauty & health essentials, and more during Amazon sale.
SHARE THIS ARTICLE ON
SHARE
Story Saved
Live Score
Saved Articles
Following
My Reads
Sign out
New Delhi 0C
Wednesday, January 22, 2025
Start 14 Days Free Trial Subscribe Now
Follow Us On