Learn about an example of a whaling subpoena message.
- [Instructor] To better understand what whaling messages…are like, let us review a few successful whaling attacks.…An infamous example is the 2008 whaling attack…that masqueraded as a federal subpoena.…The official-looking email instructed CEOs…to click a link to download special software…with which to view the subpoena.…Of the 20,000 estimated recipients, about 10% responded…and unwittingly downloaded a key logger…that captured passwords and other sensitive data…and sent it back to the attackers.…
Armed with access, the attackers launched further attacks…against those companies.…The message sent seemed legitimate enough…to cause people to take action.…Snapchat was the victim of a whaling attack.…In early 2016, the social media app Snapchat fell victim…to a whaling attack when a high-ranking employee was emailed…by a cybercriminal impersonating the CEO…was fooled into revealing employee payroll information.…
Snapchat reported the incident to the FBI,…and offered the employees who were affected by the leak…two years of free identity-theft insurance.…
Phishing is successful when an email message persuades a person to take an action or reveal information which should not be disclosed. Whaling focuses on high-profile targets such as executives, politicians, and celebrities. Learn about the tactics used in phishing and whaling, and view some examples so that you can identify suspicious emails and network intrusions. Then learn how to reduce your risk and put protections in place to help mitigate these threats.
This course was created and produced by Mentor Source, Inc. We are honored to host this training in our library.
- What is phishing?
- Types of phishing, including cat phishing, spear phishing, and vishing
- Phishing examples
- What is whaling?
- How to reduce phishing and whaling with technology and procedures