Whaling protection2017-07-28T05:25:03+00:00

Whaling Protection

Whaling is a specific type of spear phishing attack that is aimed at high profile targets like political figures, CEOs or anyone with important security credentials.

Whaling protection

What is the difference between Phishing and Spear Phishing Attacks?

Phishing attacks attempt to gather information from many people by sending out generic emails containing malware attachments or emails with generic scams. These types of attacks are easier to defend against with standard signature-based email filtering systems. In contrast, spear phishing attacks, like whaling, are targeted at specific individuals and customized to be convincing. These attacks are harder to defend against, because they look like regular emails to standard email security systems. Specialized protection is required to defend against these customized attacks.

Phishing attack

Phishing attack

Spear Phishing Attack

Spear Phishing attack

Other types of spear phishing attacks include:

Business Email Compromise (BEC): Is similar to a whaling attack but is usually aimed at a less high profile victim. For example, emails may be sent to an accountant to try and convince them to transfer funds for a fake business transaction.

CEO Fraud: This is a spear phishing attack in which emails supposedly coming from the CEO are asking for funds to be immediately transferred to fake accounts for vendor payment or a purported merger.

Spear Phishing is, by far, the most dangerous attack vector against your network.

How Can I Prevent Spear Phishing Attacks?

Vade Secure’s anti-spoofing feature, Identity Match, combines a technical analysis and a content and style analysis of each email to ensure that every sender is who they say they are. Any links or attachments are individually quarantined and examined to ensure that they are safe. What’s more, our system alerts users with a special banner whenever someone is requesting suspicious or confidential information.

„Vendors that specialize in content inspection will be more successful in detecting these types of attacks than those that rely on reputation.“

Gartner recomendation