whaling attack: Not your momma’s attempt at lesson teaching, this maritime-inspired techie homophone will catch decision-makers by the worst surprise. Targeting C-suite and high-level end users, sneaky cybercriminals use carefully crafted emails to reel in a company’s “big phish,” gaining insider access to company jewels. An offshoot of the well-known “phishing” attack, whaling is insidious and calculated deceit, with the end goal of exploiting business leaders’ personal devices. And unless execs know what to look for, they can easily be duped. This is no casual spam scam—attackers research correct titles, company information, even personal details in an effort to sound legit. Social media can play a huge part in the harvest, and along with being judicious in detail sharing, experts recommend quizzes and social pen-testing to expose vulnerabilities. Those in the know also predict that in the coming year, execs will need to be ever more vigilant if they hope to evade the hunters. Sounds like it’s time to drop anchor and chart a new course—toward protection.
Want more? Subscribe.