The latest email phishing attacks reveal a new tactic: Rather than go after lowest-common-denominator suckers, savvy frauds are going after executives and other big-money targets — "whaling" in security-speak. A recent attack appeared to be a subpoena for a San Diego District Court case, with the attached file triggering spyware that would log keystrokes. An earlier, similar attack targeted a high-level defense contractor. The spyware itself wasn't particularly advanced, but the social engineering component is. The attacks exploit a generation gap — executives tend to be older and prefer print documents, especially for official correspondence, and both attacks encouraged the potential victims to open PDFs. (Photo by NOAA)
