A whaling attack is a cyber-attack that targets high-profile corporate executives, wealthy businessmen, or individuals in the public sector. This type of attack can also target prominent members of organizations that are responsible for multiple critical functions because the release of information about their daily activities could have a harmful effect on public interests or security.
Whaling attacks are becoming more prevalent as they offer threat actors new ways to expand their targeted attack surface and typically require less sophisticated malware than many other information-stealing schemes.
How it works
- Email spear phishing is used to deliver malware or ransomware under the guise of an email attachment or link. The attackers often send messages that appear to be from trusted sources to convince their victims into installing malware onto their machines.
- The malicious code can perform any number of actions depending on its purpose. For example, it could download additional malware onto the system, encrypt the contents of your hard drive, and demand a ransom payment in return for a decryption key so you can use your computer again.
- Once the malware is successfully installed, it can be used to collect sensitive information about the user. It may also be able to use your computer as part of a botnet. This could be used to send out spam emails, distribute malware under the guise of a trusted source, or perform DDoS attacks.
How to protect yourself against whaling attacks
There are several steps that you can take to protect yourself against whaling attacks.
- Install high-quality anti-malware software on your computer. Perform regular scans of your system with this protection, especially after opening any attachments or clicking on links in an unexpected message.
- If you receive an email that seems suspicious for any reason, do not click on the link or open the attachment included in it until you contact the sender by phone or another method to confirm that they sent that message.
- Keep all your personal information private. Do not give out financial details online nor allow others to access your credit reports without verifying their identity first. Only share sensitive information over secure networks if necessary.
- Be aware of the latest scam and phishing techniques. Stay up to date on current whaling attacks and learn how to recognize them through media reports and online advice.
The consequences of whaling attacks
A whaling attack can have several consequences, including:
- The theft of your personal and financial information, which could lead to credit card fraud, identity theft, or unauthorized accounts being created under your name.
- The loss of all the data stored on the device that was compromised. In the case of ransomware, you run the risk of not being able to access any files at all if their decryption key is not provided within a certain timeframe.
- You might also lose access to your computer and other devices if they were included in a botnet as part of the attack.
- If you’ve been targeted by a whaling attack, this could lead to an even more severe cyber-attack down the line resulting in costly expenses and lost productivity for your business.
What to do if you have been attacked
- Delete any suspicious messages that seem like they were part of a whaling attack immediately after opening them and without clicking on any links or downloading any attachments.
- If your computer has already been compromised by malware due to a whaling attack, disconnect it from the internet as soon as possible. Contact an expert at your institution who will be able to help you remove the virus and secure the machine against future attacks.
- If you have already given out any sensitive information to whaling attackers, change your passwords for those accounts immediately. Contact the institution that owns the account you compromised and report the theft of your personal information to them as well. Most importantly, contact local authorities right away if you believe that there are other accounts being used by criminals at this time or that they are planning on committing more crimes in your area soon.
Frequently asked questions about whaling attacks
Who are frequent victims of whaling attacks?
Wealthy business people, high-level executives, public figures, and officials are the main targets of a whaling attack.
How much can you lose from whaling attacks?
Whaling attacks can lead to very high losses, usually in the thousands but sometimes up to six figures for large enterprises.
What are the consequences of a whaling attack?
Loss of personal information, sensitive information leakage, business disruption, data encryption and ransom money.
What can you do if you are attacked?
Delete any suspicious messages, disconnect the computer from the internet and call for expert help. Contact local authorities as well.