Hackers Aiming to Land the Big Phish

11 Oct 2017


Hackers are adaptive and opportunistic, so it is no surprise that some have adapted their phishing attempts to land the biggest fish: in this case, the CEOs and executives of companies, using a technique known as whaling.

What is Whaling?

Whaling is a type of phishing attack that is aimed at C-level or top-level executives. A hacker uses social engineering and computer intrusion techniques to get as much information as they can on their targets. By scouring social media channels such as LinkedIn, they can collect personal data and information that can then be exploited to put their schemes into action.

The scammer also collects information about how an organisation’s emails are laid out and structured in order to make the fraudulent messages look as authentic and believable as possible. Often the attacker will pretend to be a CEO or senior executive and send messages to employees lower down the management chain asking them to transfer money or sensitive data. The employee, not wanting to disappoint senior management, often complies with the request without question. In the most serious cases, this has resulted in millions of pounds of company funds being sent to accounts controlled by criminals.

A recent example was seen in August when a whaling attack deceived finance staff at Leoni AG into transferring £34 million into a bank account of the hackers’ choosing. In this case, it was the company CFO who was the target. She received an email spoofed to look like it came from one of the company’s top German executives.

Why is it so successful?

It makes sense from the hacker’s point of view. Why waste your time targeting lower-level workers, or a business as a whole, when you can make significant criminal gains by targeting the big fish at the top? The scammer relies on workers’ desire to impress senior managers and uses this behaviour to their advantage. Often an employee, no matter how odd the request may be, will want to make a good impression and not disappoint their employer.

How to tackle the threat?

As with many cyber threats, education is key to limiting the risks. Training employees and executives on what to look out for and how to avoid becoming a victim can reduce the threat dramatically.

PGI’s GCHQ-accredited Cyber Security Awareness (CSA) course is a great place to start in educating a workforce.

Protection Group International believes that cyber security doesn’t need to be overly complicated, incomprehensible or vastly expensive. We specialise in delivering strategic vulnerability assessment services and offer a range of senior cyber awareness education to enable you to tackle cyber threats in-house.

Our partner company, Protection Vessels International, is focussed on the efficient delivery of high quality, cost effective security solutions for the maritime community. We invest in our well-maintained logistic infrastructure to enhance customers’ business continuity through the protection of their assets and people.

©2017 PGI - Protection Group International Ltd. All rights reserved.
PGI - Protection Group International Ltd is registered in England & Wales, reg. no. 07967865
Registered address: Cascades 1, 1190 Park Avenue, Aztec W, Almondsbury, Bristol BS32 4FP