By targeting low level employees, scammers can gain general access to a business’s inner workings. But if that scammer instead chooses to target high-level executives, they would gain complete top down access to an entire business’s operations.
A whaling attack is a targeted attempt to steal sensitive information from a company such as financial information or personal details about employees, typically for malicious reasons. A whaling attack specifically targets senior management that hold power in companies, such as the CEO, CFO, or other executives who have complete access to sensitive data.
Called “whaling” because of the size of the targets relative to those typical phishing attacks, “whales” are carefully chosen because of their authority and access within the company. The goal of a whaling attack is to trick an executive into revealing personal or corporate data, often through email and website spoofing.
Sending malicious emails hasn’t changed, but the end target has. As they say, “go big or go home,” and that’s exactly what scammers are now doing.
Here are tips to prevent and prepare for potential whaling attacks:
Kelly Trevino is the regional director for the Corpus Christi/Victoria area of Better Business Bureau serving the Heart of Texas. Kelly is available for media interviews and speaking engagements. You can reach her by phone: (361) 945-7352 or email: email@example.com.