"A 'Whale' of a Threat Evolves in the Financial Industry to Steal Sensitive Data"

In cybersecurity, "whaling" refers to cybercriminals targeting high-level executives to steal the most privileged information and obtain access to the most sensitive data. According to Tonia Dudley, strategic adviser at Cofense, these whaling attempts typically begin with a phishing email. The FBI revealed that high-level whaling attacks cost businesses more than $12.5 billion in losses in 2021. Dudley pointed out that the themes observed across many campaigns were typically finance-related as they involved invoices, purchase orders, or quotes. Dudley added that Cofense has seen fewer attachments reaching the inbox for users to interact with, but HTML and HTM files have been observed consistently making it through security filters. Whaling campaigns are increasingly leveraging multiple stages in their attacks. For example, the first stage could begin with a link to a file-sharing cloud site such as Google, Dropbox, or DocuSign. Once the file has been downloaded, embedded files or links to pages will run the second stage, which might contain anything from a credential login page to malware leading to an entry point for a ransomware attack. This article continues to discuss the threat of whaling attacks against the financial industry. 
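The indicators in this summary (finance-themed lures, HTML/HTM attachments, first-stage links to file-sharing sites, and a second-stage credential login page) can be combined into a simple mail-triage check. The following is an added example, not code from SC Media or Cofense; the hostnames, the finding labels and the sample message are constructed assumptions.

```python
import re
from email import message_from_string
from email.message import EmailMessage

# Themes named in the summary: invoices, purchase orders, quotes.
FINANCE_THEMES = re.compile(r"\b(invoice|purchase order|quote)\b", re.I)
# Assumed hostnames for the file-sharing services the summary names.
SHARING_HOSTS = ("drive.google.com", "docs.google.com", "dropbox.com", "docusign.net")
URL_HOST = re.compile(r"https?://([^/\s\"'<>]+)", re.I)
PASSWORD_FIELD = re.compile(r"<input[^>]*type=[\"']?password", re.I)

def _text(part) -> str:
    """Decode a non-multipart MIME part to text, tolerating bad bytes."""
    payload = part.get_payload(decode=True) or b""
    return payload.decode(part.get_content_charset() or "utf-8", errors="replace")

def triage(raw: str) -> list[str]:
    """Return the list of whaling indicators found in one raw message."""
    msg = message_from_string(raw)
    findings = []
    if FINANCE_THEMES.search(msg.get("Subject", "")):
        findings.append("finance-theme-subject")
    for part in msg.walk():
        if part.is_multipart():
            continue
        name = (part.get_filename() or "").lower()
        if name.endswith((".html", ".htm")):
            findings.append("html-attachment")
            # Second stage: a credential login page carried in the file.
            if PASSWORD_FIELD.search(_text(part)):
                findings.append("password-form-in-attachment")
        elif part.get_content_type() in ("text/plain", "text/html"):
            for host in URL_HOST.findall(_text(part)):
                h = host.lower()
                if any(h == s or h.endswith("." + s) for s in SHARING_HOSTS):
                    findings.append("file-sharing-link")
    return findings

def build_sample() -> str:
    """Constructed sample message; all addresses and URLs are placeholders."""
    m = EmailMessage()
    m["From"], m["To"] = "ap@vendor.example", "cfo@bank.example"
    m["Subject"] = "Overdue invoice 4471 - action required"
    m.set_content("Please review: https://www.dropbox.com/s/EXAMPLE/invoice.pdf")
    m.add_attachment('<form><input type="password" name="p"></form>',
                     subtype="html", filename="Invoice_4471.htm")
    return m.as_string()

if __name__ == "__main__":
    print(triage(build_sample()))
```

A message that matches several of these indicators at once is a candidate for quarantine or analyst review; any single indicator on its own is common in legitimate finance mail.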

SC Media reports "A 'Whale' of a Threat Evolves in the Financial Industry to Steal Sensitive Data"
