Executives are Latest Targets of Whaling & Spear Phishing Attacks

Security firm MessageLabs has found that criminals are targeting executives as the latest trend of cyber crime. Searching for names of top officials on a company Website is not difficult. Therefore, criminals compile the list of their names, hunt for information about them and send e-mails with subjects that refer to their activities in the organization hoping they will press on the link in the e-mail. The link then takes the executive to a malicious site, which downloads malware on his system that reads his keystrokes and even reveals secret information.

This year (2007), MessageLabs has detected two surges of e-mail that it termed as 'whaling'. The company received e-mail that sought invoice details and purported to be from the job recruitment firm, Better Business Bureau. The first e-mail blast occurred in June when MessageLabs detected 514 e-mails addressed to various executives managing different organizations over just two hours. The other occurred in September when MessageLabs spotted 1,100 whaling attacks in 15 hours.

Senior Analyst at MessageLabs, Paul Wood, said that social engineering had become the ultimate tactic where phishers apply technologically sophisticated techniques as well as more of psychology to everything they do. Accounting Web published Wood's statement on November 28, 2007. It is an era when phishers do some research before launching their attacks so that identification of those attacks become difficult, Wood added.

SANS Institute that measures security issues on the Internet also gave importance to the prevalence of attacks with social engineering and their target on the behavior style of specific persons in its Top 20 List.

The Institute observed that the US military organizations were targeted with spear phishing, a highly destructive mode of attack that enabled hackers to obtain usernames and passwords with which they could access other confidential information. Attacks that are well researched pose severe danger of messages carrying fake Web links or malicious attachments seeming to appear from within the company, like the IT system administrators or the HR head.

According to SANS, attackers' creative methods to obtain organizations' sensitive data and default configurations vulnerable to attacks contribute significantly to phishing activity.

Related article: Exhausted By New Features, Users Would Downgrade Security

» SPAMfighter News - 12/10/2007