The Dangers of Whaling – the Evolution of Phishing

“Some people can read War and Peace and come away thinking it’s a simple adventure story. Others can read the ingredients on a chewing gum wrapper and unlock the secrets of the universe.”– Lex Luthor “Superman” (1978). 

So, what does chewing gum have to do with the secrets of the universe? If you asked yourself that question, you’re in good company because that was Eve Teschmacher’s response to Luthor in the movie. That’s the question we’ll be discussing in this article with the goal that you too will be able to look at that gum wrapper and uncover the secrets hidden inside. 

Also, just like the Superman movies, this article will evolve into a series in which we explore various social engineering methodologies and how they have developed over time, thus furthering your understanding of the hacking universe. 

In this installment that I’ll call “one phish, two phish, red phish, holy crap is that a white whale?” we will examine phishing and how this technique has evolved into whaling. 

What is Phishing?

Phishing is the fraudulent practice of sending emails purporting to be from legitimate companies to induce individuals to disclose private data, such as passwords and other sensitive information. The problem with this technique for the attacker is that the return on investment (ROI) can be very low.

Let me elaborate with a little story from my past. After my first company’s success and sale, I wanted to get out of the tech industry. I had made my money and wanted to get into a business that was always a passion of mine – cigars. When I opened my cigar store, I was a little lost when it came to advertising. I did my research and tried a few things from TV (Read more...)

*** This is a Security Bloggers Network syndicated blog from Cylance Blog authored by Chris Stephen. Read the original post at: