Whaling refers to malicious hacking that targets high ranking executives. Similar to phishing, whaling is where the hacker hunts for data that they can use, but they focus on high-ranking bankers, executives, or others in prominent or powerful positions in an organization. Whalers also attack their Whale targets by hacking into the company networks where these high-ranking executives work, and then target those executives computers with malware such as keyloggers or remote access trojans (aka: RAT).
What should SMB’s do about Whaling?
Protect and educate your C-Suite on the dangers of posting too much information on social media that is open to the public. The more information a hacker can research on a CEO or CFO, the easier it is to attack them with a Whaling email attack.
This advice also helps prevent hackers from targeting other employees at your company with bogus emails purportedly from the C-Suite executive with novel and convince phishing schemes based upon the hackers research.