e-Why, What & How · 2019-04-24

“Whaling” spears the financial resources of companies via fraudulent emails – e-Why, What & How

Whaling

Tumisu / Pixabay

Internet fraud is an ever-increasing scourge, particularly where businesses are targeted. Lately, a new scam known as Whaling has come to the fore. It’s email-based, & targets individuals in companies who have authority over financial resources.

An FBI report says that 78,617 companies were targeted between October 2013 & May of 2018, resulting in losses of US $12,536,948,299 — that’s staggering, is it not?

Generally, such phishing attacks are pretty sophisticated & follow a period of intense reconnaissance by the scammers, who do their homework on the inner workings of a company before they begin. Once the criminal has established who to approach within the company & what to use as the trigger for obtaining illicit funds, they send an email to an unsuspecting authority figure, requesting a change in payment details, or a wire transfer for an urgent expense. These communications are styled to look as though they are internal — often using the CEO’s name, & an email address nearly identical to the CEO’s, which might go undetected if all else in the email looks normal.

To demonstrate the modus operandi in a better way, let’s say that a company pays a particular supplier on a monthly basis, & a designated employee is responsible for transferring the payment. All the hacker or criminal needs to do is send an official-looking email to that employee, requesting a change in banking details for the upcoming payment. He/she may also send an inflated invoice for services rendered or products supplied. The employee, who is used to dealing with the supplier’s payments, complies because the email originates from a known communicator & looks legitimate.

These scammers are clever enough to register domain names similar to those they need to emulate (nutsandbolt.com, for instance, rather than nutsandbolts.com) — then it’s a simple matter of faking a named email address, such as accounts@nutsandbolt.com, & knowing the name of the person an employee usually deals with in the supplier’s company. Also, they usually present the email invoice at an earlier time than normal, with a well thought out excuse, so as not to clash with the actual supplier’s payment directive & raise suspicion. This is merely one example; many other scenarios exist, but a common thread is that the criminals have engaged in what is known as ‘Spear Phishing’ to identify their ‘mark’ & that the scam is email based, impersonating a known figure in higher or equivalent authority — someone the ‘mark’ will listen to without question.
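The two tells described above, a supplier domain that is one character off the real one and an executive’s name on a message that did not come from the company’s own domain, are both mechanically checkable before a payment-change request reaches a human. The script below is an added example, not code from the original article: it scores the sender of each message against an allow-list of trusted supplier domains using edit distance, and separately flags messages whose display name matches a known executive but whose address is external. The own domain `example-corp.test`, the supplier `widgets-supply.test`, the executive names and all sample `From:` headers are constructed for illustration; only `nutsandbolts.com` / `nutsandbolt.com` come from the article.

```python
"""Triage helper for whaling / BEC lookalike senders.

Added example, not code from the original article. The trusted domains, the
executive list and the sample headers below are constructed for illustration.
"""
from email.utils import parseaddr

# Constructed allow-lists: the domains the finance team legitimately deals with.
OWN_DOMAIN = "example-corp.test"
TRUSTED_SUPPLIER_DOMAINS = {"nutsandbolts.com", "widgets-supply.test"}
# Display names of executives whose authority an impostor would borrow (constructed).
EXECUTIVE_NAMES = {"jane doe", "john smith"}


def levenshtein(a: str, b: str) -> int:
    """Minimum single-character edits (insert, delete, substitute) turning a into b."""
    if len(a) < len(b):
        a, b = b, a
    previous = list(range(len(b) + 1))
    for i, ca in enumerate(a, start=1):
        current = [i]
        for j, cb in enumerate(b, start=1):
            current.append(min(previous[j] + 1,                 # deletion
                               current[j - 1] + 1,              # insertion
                               previous[j - 1] + (ca != cb)))   # substitution
        previous = current
    return previous[-1]


def split_from_header(from_header: str):
    """Return (display_name, domain) from a From: header, both lowercased."""
    name, addr = parseaddr(from_header)
    domain = addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""
    return name.strip().lower(), domain


def classify_sender(from_header: str, max_distance: int = 2):
    """Classify a sender for payment-change triage.

    Returns (verdict, nearest_trusted_domain, distance) where verdict is one of
    'internal', 'trusted', 'lookalike', 'exec-impersonation' or 'unknown'.
    """
    name, domain = split_from_header(from_header)
    if not domain:
        return ("unknown", None, None)
    if domain == OWN_DOMAIN:
        return ("internal", OWN_DOMAIN, 0)
    # A known executive's name on a message from outside the company is the
    # "CEO's name with a near-identical address" pattern the article describes.
    if name in EXECUTIVE_NAMES:
        return ("exec-impersonation", OWN_DOMAIN, levenshtein(domain, OWN_DOMAIN))
    candidates = TRUSTED_SUPPLIER_DOMAINS | {OWN_DOMAIN}
    nearest = min(candidates, key=lambda d: levenshtein(domain, d))
    distance = levenshtein(domain, nearest)
    if distance == 0:
        return ("trusted", nearest, 0)
    if distance <= max_distance:
        return ("lookalike", nearest, distance)
    return ("unknown", None, None)


# Constructed sample From: headers, as a mail gateway or SOC script might see them.
SAMPLE_FROM_HEADERS = [
    "Accounts Payable <accounts@nutsandbolts.com>",   # the real supplier
    "Accounts Payable <accounts@nutsandbolt.com>",    # dropped letter, as in the article
    "Accounts Payable <accounts@nutsandb0lts.com>",   # digit zero in place of the letter o
    "Jane Doe <jane.doe@example-corp.test>",          # the real CEO, internal
    "Jane Doe <jane.doe@examp1e-corp.test>",          # CEO's name, external lookalike domain
    "Newsletter <news@unrelated-vendor.test>",        # no relation to any trusted domain
]


def triage(headers):
    """Return only the headers worth a human second look, with the reason."""
    findings = []
    for header in headers:
        verdict, nearest, distance = classify_sender(header)
        if verdict in ("lookalike", "exec-impersonation"):
            findings.append((header, verdict, nearest, distance))
    return findings


if __name__ == "__main__":
    for header, verdict, nearest, distance in triage(SAMPLE_FROM_HEADERS):
        print(f"{verdict:18} d={distance} nearest={nearest}  {header}")
```

Run stand-alone, the script lists the three constructed headers that deserve a second look (two supplier lookalikes and one executive impersonation) and stays silent on the genuine supplier, the genuine internal CEO address and the unrelated newsletter. The edit-distance threshold of 2 is a design choice: a lower value misses two-character swaps, a higher one starts flagging unrelated short domains, so tune it against the organisation’s own supplier list. A check like this is a filter that routes messages to a second approver; it is not a replacement for the dual-signature control on banking-detail changes that the article recommends further on.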

Standard information available on the Internet is a ‘gold mine’ for these cyber criminals. Companies often list their suppliers’ names & those of their authority employees, such as their CEO & CFO, on the company website; then it’s a simple matter of using sites such as LinkedIn to gain further information, such as personal business contact emails. Companies that do not have dual-signature methods for changes in financial information are particularly vulnerable, as well as those unaware of this type of crime. However, with growing reporting on this scam & increasing awareness, one hopes that the number of attacks will ebb soon.
