There are always criminals out there trying to make a fast buck. There are gangs of hackers run by mobsters. With every passing day we see a new spin on a tried and true story line. Today we see that targeted email attacks, or spear phishing, against executives are on the rise. Now, this process of targeting executives has its own term when performed en masse…whaling. (sigh)
From PC World:
In June, MessageLabs’ hosted e-mail security service caught 514 e-mails bound for its customers all targeted at C-level executives in various organizations in a two-hour period. In September another blast consisted of 1,100 whaling attacks within 15 hours. The company believes the same organization is behind the blasts.
What’s unique about whaling is its reliance on research and social engineering. Traditionally spam, and to some extent phishing, depends on reaching the greatest number of people with the smallest amount of effort, considering the response rate to these e-mail abuses tends to be miniscule but still enough to make the practice worth it. With whaling, the sender must do some upfront research about the target as well as the subject in order to craft an e-mail that sounds convincing, says Wood.
At this point there are no real concrete numbers that layout the true scope of this problem. In many cases this involves a trojan that has not been previously identified. This raises the possibility that the anti virus measures in place for most organizations will have little effect when it is needed most.
[tags]New Email Scam, Spear Phishing, Whaling, Targeted Email Attacks[/tags]