Whaling: what it is and what the risks are

(By David Lo Prete)
22/03/21

In recent years, cyber attacks have evolved, changing shape and intensity. The global health crisis has forced a large share of workers into so-called smart working, i.e. teleworking. This has produced a profound increase in the attack surface available to criminal hackers.

There has been a lot of talk over the past year about whaling, or whale phishing. Conceived as a more advanced and recent variant of phishing, this attack is also known as CEO fraud, since it targets executives and senior members of the company, gaining access to their devices in order to steal information or money.

The attack methods are the same as those used in phishing, but in the case of whaling the fictitious communication (e.g. an email) appears to be sent by a manager of the same level, or by someone who holds an important position in the same company.

The objective of the attack is to obtain confidential information about the company, or to induce the victim to take actions that are dangerous to the company. Usually the communication takes place via an e-mail that comes, at least apparently, from a reliable source and, in some cases, even carries the company logo. As Kaspersky points out, trust within a company is very high, which makes it easier to fall into the trap.

Whaling is potentially more effective than phishing because the target is a prominent person, a high-level member of the company. Precisely for this reason, hackers can use the information available on social media and elsewhere online to "customize" the attack.

According to the analysis by the UK National Cyber Security Centre (NCSC), the e-mail contains information about the victim (whether an organization or an individual), conveys a sense of urgency, and is written in language suited to the context (usually the language of business and finance).

What are the risks for the company? Whaling is a form of social engineering that induces the victim to click a link in the e-mail that delivers malware, or that pressures them into sending money to the hacker's bank account. The evolution of these attacks, through the use of increasingly technical language, ad hoc fake sites, and references to the victim's personal data, has made them increasingly difficult to identify.

In addition, the NCSC has found cases in which business managers also received telephone calls confirming the requests made in the e-mail, giving rise to the social-engineering tactic called cyber-enabled fraud.

How do you defend against these attacks? Since whaling is an evolution of phishing, the precautions to take are very similar. First, you need to verify the sender's email address before clicking on any link in an email. In the specific case of whaling, malicious actors benefit greatly from the information about company managers available on social media or elsewhere; in addition, during public events such as conferences or corporate events, senior staff are particularly vulnerable to these attacks.
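As an added illustration of the "verify the sender's address" advice above (example code written for this article, not taken from the NCSC, Kaspersky or any product), the following checks a raw e-mail for the whaling traits described on this page: a sender domain that imitates the company's, an executive's display name on an external address, a diverted Reply-To, and urgent financial wording. The company domain, the executive list and both sample messages are constructed assumptions.

```python
import email
from email import policy
from email.utils import parseaddr
from difflib import SequenceMatcher
COMPANY_DOMAIN = "example.com"   # assumption: the defended organisation's mail domain
EXECUTIVES = {"jane doe"}        # assumption: constructed list of senior staff display names
URGENCY_TERMS = ("urgent", "immediately", "today", "wire transfer", "confidential")

def _domain(addr: str) -> str:
    # Lower-cased domain part of an address, or '' when there is none.
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""

def assess_whaling(raw: bytes) -> list[str]:
    """Return the whaling indicators found in one raw RFC 5322 message."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    from_name, from_addr = parseaddr(msg.get("From", ""))
    from_dom = _domain(from_addr)
    reply_dom = _domain(parseaddr(msg.get("Reply-To", ""))[1])
    body = msg.get_body(preferencelist=("plain",))
    text = (msg.get("Subject", "") + " " + (body.get_content() if body else "")).lower()
    findings = []
    # 1. Sender domain that imitates the company domain (e.g. one character swapped).
    similar = SequenceMatcher(None, from_dom, COMPANY_DOMAIN).ratio() >= 0.8
    if from_dom != COMPANY_DOMAIN and similar:
        findings.append(f"lookalike sender domain: {from_dom}")
    # 2. Display name of a senior member, but the address is not on the company domain.
    if from_name.lower() in EXECUTIVES and from_dom != COMPANY_DOMAIN:
        findings.append(f"executive display name on external address: {from_addr}")
    # 3. Replies silently diverted to a domain other than the visible sender's.
    if reply_dom and reply_dom != from_dom:
        findings.append(f"Reply-To domain differs from From: {reply_dom}")
    # 4. Urgent, money-related wording typical of CEO fraud.
    hits = [t for t in URGENCY_TERMS if t in text]
    if len(hits) >= 2:
        findings.append("urgent financial language: " + ", ".join(hits))
    return findings
# Constructed sample of a CEO-fraud style message (not a real capture).
SUSPECT = b"""From: Jane Doe <jane.doe@examp1e.com>
Reply-To: Jane Doe <ceo.office@mail-relay.invalid>
Subject: Urgent wire transfer
Content-Type: text/plain

Please handle this confidential wire transfer today, I am in a meeting."""

# Constructed sample of a legitimate internal message.
LEGIT = b"""From: Jane Doe <jane.doe@example.com>
Subject: Board deck
Content-Type: text/plain

Attached is the draft for next week."""
```

Running `assess_whaling(SUSPECT)` yields all four indicators, while `assess_whaling(LEGIT)` yields none; in practice these heuristics complement, rather than replace, SPF/DKIM/DMARC checks and user awareness.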

The Phishing Trends and Intelligence report published by PhishLabs in 2019 highlighted some very interesting data on 2018. It shows a 40.9% increase in phishing attacks, primarily targeting financial services, email, cloud, payment and SaaS providers. Moreover, most of the emails contained no malware at all and aimed purely at stealing credentials.

Given the exponential increase in these attacks, companies should implement training programs that raise employee awareness of the risks of phishing and whaling. In addition, the IT departments of larger companies should run more simulated whaling campaigns in order to verify the level of awareness among company personnel. Finally, as Kaspersky reports, companies can equip themselves with anti-phishing software that provides services such as URL screening and link validation.

https://www.ncsc.gov.uk/guidance/whaling-how-it-works-and-what-your-orga...

https://www.rapid7.com/fundamentals/whaling-phishing-attacks/

https://www.kaspersky.com/resource-center/definitions/what-is-a-whaling-...

https://www.cybersecurity360.it/nuove-minacce/attacchi-whaling-la-caccia...