Phishing, spear phishing and whaling

Fishy metaphors for some nasty behaviours. Today’s post is a quick look at targeted attacks where the crooks try to steal your information, your money, or both. The number of phishing attempts is increasing rapidly and the attempts themselves are becoming more sophisticated.

[Figure: Phishing Activity Trends]

Recent high-profile phishing attacks have made the news, including Seagate Technology in the US, where the tax form details of several thousand employees were stolen. The scammers’ goal in that case is tax refund fraud, but it’s impossible for us to guess at Seagate’s financial exposure, let alone the damage done to its reputation. Bear in mind, too, that there are online forums that act as clearing houses for bad guys to swap information about data breach targets and to hire muscle to perform the breaches. It’s a nasty world out there.

So what is phishing and what can you do to minimise your exposure?

Phishing is where fraudsters send emails pretending to be from reputable companies to trick you into revealing personal information such as account names and passwords, bank account details and credit card details.

Spear phishing is a phishing attack where the email is crafted to look like it comes from a person or business that you know, or is directed specifically to an individual.

Whaling is an extremely targeted attack that aims to trap senior executives and staff. Whaling emails are designed to look like a business-critical email such as a legal email, customer complaint or other issue that needs to be dealt with by an executive. The people behind a whaling attempt will take great care with the email for it to look genuine and to maximise the chance of success.

What can you do?

  • Once again, user education is key;
  • Guard against spam emails;
  • Beware of links in emails that ask for personal information;
  • Never enter personal information in pop-ups;
  • Do not click on links, open attachments, or download files in suspicious emails; and
  • Consider implementing a tool that inspects inbound emails for suspicious content and quarantines the content.

Tools such as Mimecast provide spam filtering and anti-malware services for email, as well as anti-phishing technologies that include rewriting malicious URLs embedded in emails. Mimecast works with both Office 365 and on-premises email services. Office 365 natively provides a level of protection against spam and malware through Exchange Online Protection, which is enabled by default and is also available for on-premises instances of Exchange. Microsoft now offers additional protection through Exchange Online Advanced Threat Protection as an option, too.
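To show what “inspecting inbound emails for suspicious content” looks like in practice, here is an added example (written for this post, not code from Mimecast, Microsoft or TD) that parses a raw message with Python’s standard `email` library and reports the indicators the list above warns about: an external sender hiding behind a friendly display name, pressure language, links whose visible text points somewhere other than their real target, links to bare IP addresses, and attachments of risky types. The two sample messages, the `example.com` trusted domain, the `203.0.113.7` address and the `.invalid` sender domain are all constructed for the example.

```python
import email
import re
from email import policy
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample messages (hypothetical, not real mail). The first mimics a
# tax-form spear-phishing lure; the second is a harmless internal note.
PHISH_EMAIL = """\
From: "Payroll Team" <payroll@hr-portal-example.invalid>
To: jane.doe@example.com
Subject: URGENT: confirm your tax form details by 5pm today
Content-Type: text/html; charset="utf-8"

<html><body>
<p>Your tax form is on hold. Verify your account immediately or your refund
will be cancelled.</p>
<p><a href="http://203.0.113.7/login">https://hr.example.com/login</a></p>
</body></html>
"""

BENIGN_EMAIL = """\
From: "Alice" <alice@example.com>
To: jane.doe@example.com
Subject: Lunch on Thursday?
Content-Type: text/html; charset="utf-8"

<html><body><p>Menu is at
<a href="https://menu.example.com/">https://menu.example.com/</a></p></body></html>
"""

URGENCY_WORDS = ("urgent", "immediately", "verify your account", "will be cancelled", "suspended")
RISKY_EXTENSIONS = (".exe", ".js", ".vbs", ".scr", ".docm", ".xlsm", ".html", ".iso")


class LinkExtractor(HTMLParser):
    """Collects (href, visible text) pairs for every <a> in an HTML body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def host_of(url):
    """Hostname of a URL (lower-cased), or None if it has none."""
    host = urlparse(url).hostname
    return host.lower() if host else None


def analyse(raw, trusted_domains=("example.com",)):
    """Return a list of (indicator, detail) findings for one raw RFC 5322 message."""
    msg = email.message_from_string(raw, policy=policy.default)
    findings = []

    # 1. Sender outside the organisation using a display name (impersonation risk).
    sender = msg["From"].addresses[0]
    if sender.domain.lower() not in trusted_domains:
        findings.append(("external_sender", f"{sender.display_name!r} <{sender.addr_spec}>"))

    body = msg.get_body(preferencelist=("html", "plain"))
    html = body.get_content() if body else ""
    text = re.sub(r"\s+", " ", str(msg["Subject"] or "") + " " + re.sub(r"<[^>]+>", " ", html)).lower()

    # 2. Pressure language pushing the reader to act before thinking.
    hits = [w for w in URGENCY_WORDS if w in text]
    if hits:
        findings.append(("urgency", ", ".join(hits)))

    # 3. Links whose visible text names a different host than the real target, or a bare IP.
    extractor = LinkExtractor()
    extractor.feed(html)
    for href, shown in extractor.links:
        target = host_of(href)
        if target is None:
            continue
        if shown.startswith(("http://", "https://")):
            shown_host = host_of(shown)
        elif re.fullmatch(r"[\w.-]+\.[a-z]{2,}(/\S*)?", shown, re.I):
            shown_host = shown.split("/")[0].lower()
        else:
            shown_host = None  # plain words like "click here" carry no host to compare
        if shown_host and shown_host != target:
            findings.append(("link_text_mismatch", f"shows {shown_host}, goes to {target}"))
        if re.fullmatch(r"\d{1,3}(\.\d{1,3}){3}", target):
            findings.append(("ip_address_link", href))

    # 4. Attachments of types commonly used to deliver malware.
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        if name.endswith(RISKY_EXTENSIONS):
            findings.append(("risky_attachment", name))
    return findings


if __name__ == "__main__":
    for label, sample in (("phish", PHISH_EMAIL), ("benign", BENIGN_EMAIL)):
        print(label, analyse(sample))
```

Run against the lure, `analyse` reports the external sender, four urgency phrases, the link whose text shows `hr.example.com` while its target is `203.0.113.7`, and the IP-address link; the benign note produces no findings. A real gateway would feed such findings into a quarantine decision and rewrite or strip the offending links, which is the behaviour the commercial tools above provide.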

If you would like to speak to TD about Phishing or any other technology, we can be contacted here, or you may directly contact me at dmeyers@td.com.au