(((Interesting term-of-art here. How much is it worth to install a keylogger on the computer of a frightened American CEO?)))
(((I hope this banishes the notion that only the weak and feeble respond to phishing attacks.)))
–Latest Major Whaling Attack Uses US District Court Subpoena
(April 16 & 17, 2008)
A spear phishing attack emerged this week targeting high-level executives at US firms. The emails, which include the executives' names and other specific information, appear to be subpoenas from the US
District Court in San Diego. The link, which is supposed to be a copy of the subpoena, actually installs malware on the victim's computer that is capable of logging keystrokes and sending the harvested information to the attacker. An additional piece of malware allows the attacker to take remote control of the victim's computer. Phishing attacks that target corporate "big fish" have been referred to as "whaling."
http://www.nytimes.com/2008/04/16/technology/16whale.html?_r=1&ei=5088&en=6440ba388ff2ce84&ex=1366084800&oref=slogin&partner=rssnyt&emc=rss&pagewanted=print http://www.theregister.co.uk/2008/04/16/whaling_expedition_continues/print.html http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9078398&source=rss_topic17
[Editor's Note (Honan): As these "Whaling" attacks are becoming more prevalent you should ensure you make your senior management on this threat. Reviewing their profiles on online business networks and
Googling their names is one way of highlighting to them the amount of personal information they are leaking which could be used against them.]
