'Whaling' Is The Latest Phishing Threat
Friday, May 09, 2008
From Yahoo News:
"US federal court officials have warned that hackers are emailing phony subpoenas embedded with malicious software to high-ranking executives to steal valuable corporate information. Thousands of powerful US executives have received the bogus emails that contain links which, if clicked on, install software letting hackers take control of computers and swipe passwords or other sensitive data. Internet security insiders refer to the attacks as "whaling" because they use social-engineering trickery involved in "phishing" but target individual "big phish" instead of casting nets in a sea of Internet users."
Apparently, these whaling attacks have had a high success rate with getting executives to open those bogus e-mails and either click on attachments or click on links. Consumers should be aware that within the USA, subpoenas are usually served in person by process servers, to assure judges that the orders from courts have been properly received by those named.
This news article also appears at AFP. If you are unsure how to recognize a phishing scam, read:
- Yahoo Security Center: Phishing
- Microsoft: recognize phishing scams and Fraudulent e-mails
- Privacy Rights Clearinghouse: Phishing
- Anti-Phishing Working Group
Whether or not you are caught by a phishing scam, you should always report it.
You can follow this conversation by subscribing to the comment feed for this post.