Whaling emerges as major cybersecurity threat
April 21, 2016
Fraudsters are using legitimate executive names and email addresses to dupe unsuspecting employees to wire money or sensitive documents to their accounts. The CTO of the Boston Celtics, for one, is fighting back.
A clever variant of phishing scams is proliferating among enterprises, forcing CIOs to up their game even as they are still refining their cybersecurity practices to contend with various zero-day attacks. Called whaling, the social engineering grift typically involves a hacker masquerading as a senior executive asking an employee to transfer money.