Due to an increasing concern on a new method of cyber fraud and scamming, aptly referred to as ‘whaling’, we decided to write a post on whaling and what you need to know about it.
It’s pretty easy to spot a scam when an e-mail is being sent to you from a stranger requesting money – but what if the e-mail seemingly comes from someone you know and trust? It used to be that cyber scams were run on everybody and anybody – but there’s a new method of scamming that has taken the business world by storm, especially smaller businesses. Specifically targeting executives and decision makers, the term ‘whaling’ suggests just that – targeting the ‘big fish’.
Recent research by Get Safe Online found that cyber crime cost Brits £268m ($500 million CAD) in one year, with one in ten adults handing over bank account details following fake tax rebate emails.
THE WAY IT WORKS
It seems that fraudsters are spending more time and effort in their methods, researching and developing elaborate facades to trick their targets. They research a company, learn its executives’ e-mail addresses and protocols and develop a similar one that, if you’re not paying attention, you won’t notice the minor difference. It can appear as a name that you recognize (because it is coming from an executive in your company) and even include a link that mimics an actual banking institution’s website. The variance to the URL can be as minor as a ‘.ca’ instead of a ‘.com’. Then in the body of the e-mail scammers give a situation that requires money to be transferred in a time-sensitive manner.
HOW TO PREVENT
- Develop an internal procedure for all requests and authorization of payments that are outside of standard company procedures
- Try to verify unusual payment requests in person or on the phone
- If the contact details provided are different from what you’re familiar with, don’t use them
- Be cautious of e-mails requesting unusual transfers
- Choose an e-mail password that is difficult to guess
The reality is that as businesses evolve, so will fraudsters and their scamming methodologies. By following the advice mentioned above, you will be better equipped to handle this scenario if and when it arises.