Protecting a whale in a sea of phish. (September 2020)
- Record Type:
- Journal Article
- Title:
- Protecting a whale in a sea of phish. (September 2020)
- Main Title:
- Protecting a whale in a sea of phish
- Authors:
- Pienta, Daniel
Thatcher, Jason Bennett
Johnston, Allen - Abstract:
- Whaling is one of the most financially damaging, well-known, effective cyberattacks employed by sophisticated cybercriminals. Although whaling largely consists of sending a simplistic email message to a whale (i.e. a high-value target in an organization), it can result in large payoffs for cybercriminals, in terms of money or data stolen from organizations. While a legitimate cybersecurity threat, little information security research has directed attention toward whaling. In this study, we begin to provide an initial understanding of what makes whaling such a pernicious problem for organizations, executives, or celebrities (e.g. whales), and those charged with protecting them. We do this by defining whaling, delineating it from general phishing and spear phishing, presenting real-world cases of whaling, and provide guidance on future information security research on whaling. We find that whaling is far more complex than general phishing and spear phishing, spans multiple domains (e.g. work and personal), and potentially results in spillover effects that ripple across the organization. We conclude with a discussion of promising future directions for whaling and information security research.
- Is Part Of:
- Journal of information technology. Volume 35:Number 3(2020)
- Journal:
- Journal of information technology
- Issue:
- Volume 35:Number 3(2020)
- Issue Display:
- Volume 35, Issue 3 (2020)
- Year:
- 2020
- Volume:
- 35
- Issue:
- 3
- Issue Sort Value:
- 2020-0035-0003-0000
- Page Start:
- 214
- Page End:
- 231
- Publication Date:
- 2020-09
- Subjects:
- Whaling -- phishing -- spear phishing -- hypercontextualization -- business email compromise -- cybersecurity
Information technology -- Periodicals
Information storage and retrieval systems -- Periodicals
Information resources management -- Periodicals
658.40380285 - Journal URLs:
- http://www.palgrave-journals.com/jit/index.html ↗
http://www.palgrave.com/home/index.asp ↗ - DOI:
- 10.1177/0268396220918594 ↗
- Languages:
- English
- ISSNs:
- 0268-3962
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 5006.790000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 13746.xml