Are Spear Phishing and “Whaling” Attacks Putting You in Danger?

Sections of this topic

    Targeted attacks can cost you big bucks

    Spear phishing, or using what appears to be a legit email to fool specific targets into divulging sensitive information or taking other detrimental action, is growing in popularity thanks to the widespread availability of personal information on the internet. The latest variant of the attack, being called “whaling”, even specifically targets upper management in order to make bigger scores.

    Whether it’s posing as legitimate vendors invoicing for services, tricking employees into running malicious software, making away with confidential files, or yet another clever scheme, hackers are finding these targeted attacks quite profitable.

    How costly can these events be? Try the $3 million Mattel nearly lost last month on for size.

    The most effective way to reduce your organization’s vulnerability to attacks is by training employees from the bottom up on safe practices. Then, make those practices a part of the daily routine.

    Of course there is no guaranteed protection against every avenue of attack, and that’s where a tested response plan and pre-approved messaging comes in.

    Prevent what you can and mitigate damage where you can’t. That’s the name of this game.

    For more resources, see the Free Management Library topic: Crisis Management

    [Jonathan Bernstein is president of Bernstein Crisis Management, Inc., an international crisis management consultancy, author of Manager’s Guide to Crisis Management and Keeping the Wolves at Bay – Media Training. Erik Bernstein is vice president for the firm, and also editor of its newsletter, Crisis Manager]

    – See more at: