The executives of your company are the big fish in your sea. Yet cybercriminals think of them as whales. In fact, whaling is a new cybersecurity threat targeting the C-suite level.
You’ve likely heard of phishing attacks. Phishers use scam emails or spoofed websites to obtain user credentials or financial information. This might be an email that looks like it is from your bank asking you to log in and update your details, or a supposed tax alert needing immediate action.
A vishing attack is another fraudulent attempt to steal protected data, but the cybercriminals are going to use the phone to make contact. They might pretend to be a vendor needing to confirm account details for bill payment.
There’s also spear phishing. In these cases, the attackers do their homework first and target a specific company. They scour directories and employee social media to gather information to gain credibility.
Now, there are whaling attacks, too. The high-value target is a senior-level employee. The fraudster typically also impersonates one of the target’s C-suite counterparts.