Professional Writers
We assemble our team by selectively choosing highly skilled writers, each boasting specialized knowledge in specific subject areas and a robust background in academic writing
Order For Similar Custom Papers & Assignment Help Services
Fill the order form details - writing instructions guides, and get your paper done.
Posted: January 30th, 2022
Social Engineering Tactic: Whaling Attack
Social Engineering Tactic: Whaling Attack
Instructions
What is social engineering? Simply put, it is “any act that influences a person to take action that may or may not be in their best interest.” Social engineering is a term that encompasses a broad spectrum of malicious activity.
Select one of the following social engineering attack techniques:
Baiting.
Scareware.
Pretexting.
Phishing.
Vishing.
Tailgating.
Watering hole.
Whaling.
Spear phishing.
Use a Web search engine and search for information about your selected social engineering attack, or visit The Most Common Social Engineering Attacks [Updated 2020].
In addition, find articles about an instance where the chosen social engineering attack was used.
In a 1–2 page paper, respond to the following items:
Describe the attack in detail.
Describe the technique of the attacks.
Describe the effects of the attack both in general and in the specific instance you found.
Ace my homework – Write my paper – Online assignment help tutors – Discuss three ways to prevent the attack. Provide a rationale.
Use three sources to support your writing. Choose sources that are credible, relevant, and appropriate. Cite each source listed on your source page at least one time within your assignment. For help with research, writing, and citation, access the library or review library guides.
This course requires the use of Strayer Writing Standards. For assistance and information, please refer to the Strayer Writing Standards link in the left-hand menu of your course. Check with your professor for any additional instructions.
The specific course learning outcome associated with this assignment is:
Examine hacking theory, social engineering tactics, and hacker subculture.
1. Describe the attack in detail.
The whaling attack is a derivative of the phishing attack, another social engineering tactic (Paganini, 2021). The whaling attack happens when high-profile individuals in organizations such as the Chief Executive officers or the Chief Financial officers are targeted for extracting information. The malicious attackers prey on these individuals with high churn email accounts such that the possibility of unintentionally opening fake attachments is high. These emails are sent containing attachments such as fake invoices, primarily threats containing macro-codes that could embed into the information systems. Consequently, the code will mine data or undertake sensitive keystrokes.
One prominent example of a whaling attack happened against the Belgian Bank, Crelan. Crelan’s CEO had been ‘whaled’ after conducting a routine internal audit (Tessian, 2021). Crelan was a victim of ‘whaling,’ a form of spear-phishing where the malicious attackers target high-level executives. Consequently, the hackers obtained $75 million from the Belgian bank and have never been brought to justice.
2. Describe the technique of the attacks.
A whaling attack aims to trick an individual into disclosing personal or corporate information via social engineering, email spoofing, and content spoofing efforts (Lutkevich et al., 2021). The attackers would, for instance, choose to send the victim an email that appears to come from a credible source. Some whaling companies would also include customized malicious websites developed for the attack specifically. These attack emails are typically customized and personalized extensively such that they will incorporate the victim’s name, job titles, among other relevant information obtained from other sources. The personalization makes it challenging to detect the whaling attack. When the victims click on the malicious links in the attachments or websites, it will induce them to approve fraudulent wire transfers or even impersonate themselves to convince the employees to carry out the financial transfers.
3. Describe the effects of the attack both in general and in the specific instance you found.
Whaling attacks lead to various consequences. One of them is financial losses which happen when the victims take the bait and send considerable amounts of money to the cybercriminals (Georgescu, 2021). As noted earlier, Crelan, the Belgian bank, lost $75 million to the hackers that used a whaling attack on their CEO. Other effects include data loss since this is one of the aims of cybercriminals to obtain sensitive information. The third effect is disruption of business operations, considering that the attacked organization needs to stop with their daily activities and focus on making progress to notify clients and other stakeholders of the data breach, implement security measures to protect the systems urgently, and work to recover any lost funds. Another effect is brand damage considering that the organization will no longer have the same kind of trust from clients and partners (Georgescu, 2021). The whaling could lead the organization to lose future opportunities as other systems are not trusted.
4. Ace my homework – Write my paper – Online assignment help tutors – Discuss three ways to prevent the attack. Provide a rationale.
a. Increasing employee awareness on the different social engineering tactics possible, how to identify them, and the preemptive actions that should be taken to prevent any data breach (Lutkevich et al., 2021).
b. Multi-Step verification for all the requests for wire transfers and access to sensitive information. All emails and attachments must be verified to identify any potential malicious traffic.
c. Data protection policies to ensure that emails and files are constantly monitored for suspicious network activities policies should avail a layered defense against attacks such as the whaling attack or phishing in general to reduce the chances of its breach happening at the final line of defense (Lutkevich et al., 2021).
5. Sources
❖ Georgescu, E. (2021, September 6). What is a whaling phishing attack? Definition, examples. Retrieved from https://heimdalsecurity.com/blog/whaling-phishing-attack/#:
❖ Lutkevich, B., Clark, C., & Shea, S. (2021, January 26). What is a whaling attack (Whaling phishing)? Retrieved from https://www.techtarget.com/searchsecurity/definition/whaling
❖ Paganini, P. (2021, August 9). The most common social engineering attacks [updated 2020]. Retrieved from https://resources.infosecinstitute.com/topic/common-social-engineering-attacks/#
❖ Tessian. (2021, April 7). What is whaling? | Examples of whaling attacks | Updated 2021 | Tessian. Retrieved from https://www.tessian.com/blog/whaling-phishing-attack/
Why choose us
You Want Quality and That’s What We Deliver
Discounted Prices
Our service is committed to delivering the finest writers at the most competitive rates, ensuring that affordability is balanced with uncompromising quality. Our pricing strategy is designed to be both fair and reasonable, standing out favorably against other writing services in the market.
AI & Plagiarism-Free
Rest assured, you'll never receive a product tainted by plagiarism or AI-generated content. Each paper is research-written by human writers, followed by a rigorous scanning process of the final draft before it's delivered to you, ensuring the content is entirely original and maintaining our unwavering commitment to providing plagiarism-free work.
How it works
When you decide to place an order with Nurscola, here is what happens: