Whaling: phishing for executives and celebrities


#1

Originally published at: http://boingboing.net/2016/11/22/whaling-phishing-for-executiv.html


#2

If someone could whale Trump into being a decent human being…


#3

Is it trivial for modern email spoofing operations to get around SPF and DKIM? Or are corporate email servers just not up to snuff?


#4

last week it was “spear phishing”


#5

it’s a tradeoff, every security measure can result in dropped legitimate mails. the system architect can only err, depending on the corporate guidelines and personal style on the false positives or false negatives side.


#6

The problem is also with the C-Level executives themselves. Most think their shit don’t stink and couldn’t be bothered with having to change passwords every 30 days and other common-sense security measures. It just gets me that the CIO’s generally let the other C’s get away with it.


#7

My ex used to work security at a major tech company.

/\----------this.

/\-------------------Also this.

You wouldn’t believe the bad behavior that takes place at the exec level. To be fair, I never heard about one getting caught with CP on their machine, but from the sheer amount of porn viewing the execs at that company did, I wouldn’t be surprised if it got quietly handled.


#8

Whaling is a form of spear fishing, but spear fishing is typically directed to lower levels of a corporation. For example, spear fishing might involve sending a forged email to a specific recipient in Accounts Payable that looks like it’s from his or her boss, asking them to send a payment to a foreign bank.

Regardless of what whaling is, why is BoingBoing telling me about it here? Most of what I read here is fairly topical, but this security related terminology has been around for several years. Vacation week fluff’n stuff, perhaps…?


#9

Well sure. That just means targeted. Now we have a term for the targeted “big fish”. (Damn it, I know the analogy doesn’t hold. Whales are mammals right? We’re trying to do marketing here though. Hear me out…)

When was the last time your favorite music genera got subdivided into increasingly BS sub classes?


#10

It sounds as if there are still people who truly believe that some people are more or less important than others.


#11

This topic was automatically closed after 5 days. New replies are no longer allowed.