Cobweb

Thanks to MessageLabs for the following content, quoted from their Intelligence Reports

http://www.messagelabs.co.uk/intelligence.aspx

The term “whaling” was first used in 2007 to describe the highly targeted phishing-style attacks against senior executives around the world across a range of organizations. Unlike more random attacks, these are more like surgical strikes, intent on stealing intellectual property or confidential information, and by the time the victim is aware of the attack, it is too late.

Although these attacks aren’t as prevalent as traditional virus outbreaks, they are however increasing in numbers. Since early 2007, MessageLabs has intercepted around ten targeted attack attempts daily, an increase from one per day one year ago, and two per week two years ago. In the early examples from 2005, the main targets were multinational industries, but this is no longer the case; many such attacks now are equally levied against small-to-medium sized businesses too.

The first major whaling attack in 2007 occurred on June 26 when MessageLabs intercepted 512 emails with a Microsoft Word document attached, which contained an embedded spying trojan. All of the emails targeted senior executives across a number of organizations in many countries. So precise were these attacks that the subject line of the email included the recipient’s name and job title.

The next significant wave appeared in September with MessageLabs intercepting 1,100 individual email attacks from the same criminal gang responsible for the June outburst. This series of attacks purported to be from an employment service regarding a prospective employee and included the target’s company name within the subject line. Again, the emails were targeted towards C-level executives and senior management, including repeated attacks at the same company through different C-level entry points.