Rise in Domain Spoofing Whaling Attacks

If you are employed in the accounting department of your company, you need to be more careful as hackers are specifically targeting account department executives. Whaling attacks are on the rise and hackers are using domain spoofing techniques to trick end users into making bank transfers from corporate accounts. Once money has been sent into the account of the hacker, there is a strong probability that you cannot rescue them.

Whaling is a new form of phishing. Rather than hackers sending out large volumes of spam emails containing malware or links to malicious websites, individuals are targeted and few emails are shared. Hackers are spending a lot of time and effort into researching their targets before beginning their attack.

The focus is to obtain intelligence on an individual that has the authorization to make bank transfers from company accounts. Individuals are usually spotted and researched using social media websites such as Twitter, LinkedIn, and Facebook.

When individuals are chosen and the name and email address of their boss, CFO, or CEO is discovered, they are sent an email asking for a bank transfer be made. The email is well composed, there is a pressing need for the transfer to be made, and full details are given in the email. They are also given a believable explanation as to why the transfer must be made. The email is also issued from senior management.

In most cases, the transfer request will not adhere to standard company procedures as these are not known by the hackers. However, since an email will appear to have been sent from a senior executive in the company, some account department employees will not question the email. They will do as they are told due to fear of the individual in question, or in an effort to show willingness to do what is asked by their superiors.

Sadly for IT security worker, whaling emails are difficult to spot without an advanced spam filtering solution in operation. No attachments are sent in the email, there are no malicious links, just some instructions. The attack employs social engineering techniques to trick end users into completing the transfer.

Twitter Facebook LinkedIn Reddit Copy link Link copied to clipboard
Photo of author

Posted by

Elizabeth Hernandez

Elizabeth Hernandez is a news writer on Defensorum. Elizabeth is an experienced journalist who has worked on many publications for several years. Elizabeth writers about compliance and the related areas of IT security breaches. Elizabeth's has focus on data privacy and secure handling of personal information. Elizabeth has a postgraduate degree in journalism. Elizabeth Hernandez is the editor of HIPAAZone. https://twitter.com/ElizabethHzone