31478 Industrial Road Suite 200, Livonia, Michigan 48150 sales@xfer.com

XFER Blog

XFER Blog

XFER has been serving the Livonia area since 1994, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Business Executives are Targeted with Whaling Scams

b2ap3_thumbnail_Whaling400_20130217-211618_1.jpgEven if you are using the best antivirus software available, sensitive company data can still be compromised by users falling victim to phishing scams. Phishing is a tactic where scammers trick users into giving out their personal information, usually through deceptive spam e-mails. Looking to fry bigger fish, scammers are trying their luck at whaling.

Whaling is a scam that specifically targets high level business executives. Why use a phishing net to catch a few small fish when you can use a harpoon and catch a large whale? Business executives are valuable targets because they are accountable for the most sensitive of company information. A whaling scam is designed to trick an executive into filling out forms that can lead to identity theft. Whaling can also be used to gain control of an executive's PC to steal passwords and confidential company information.

What makes whaling so effective is that it is less obvious than a generic spam message. With whaling, a scammer will craft a personalized message to the executive using references and names that will make the con believable (details like names of family members, schools attended, hobbies, etc.). In order to get ahold of a target's personal information, a scammer will mine many different resources on the internet and even rummage through physical garbage. It is also believed that scammers work together and buy executive's online profiles from each other. Scammers put a lot of work into a single message, all in an attempt to make the message as believable as possible.

While e-mail is often used in whaling, it is not the only harpoon in the tackle box. Scammers also like to use phone calls where they pretend to represent the company from a different office, or a vendor that needs more information regarding a contract. Scammers who use phone calls for whaling spend lots of time doing their homework to learn personal information and company culture; they may even have a script prepared. Many scammers view this as a challenging game. There are even legal competitions where phone scammers will get together, pick a company, and see who is the fastest at extracting sensitive corporate information from executives.

Falling for a scam like phishing and whaling typically finds its way around antivirus software and firewalls because victims are tricked into granting permission to download the malicious code onto their network. Educating yourself and your employees about these potential threats and what to look for is your best defense. A strong network security solution still plays a vital role in protecting your company's network from security threats like phishing and whaling, especially if downloading a known malware is part of the scam.

XFER wants to help protect you from all scams and viruses. We can outfit your business with a strong network security solution like a Unified Threat Management tool, and help educate you and your employees on what to look for in a scam. Don't get harpooned, call XFER at 734-927-6666 / 800-GET-XFER.

Streamline Printing with a Print Server Solution
Microsoft’s Surface Pro - a Full PC Experience in ...
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Saturday, 23 November 2024

Captcha Image

Customer Login


Cybersecurity Risk Assessment

cybersecurity-audit

Our risk assessment will reveal hidden problems, security vulnerabilities, and other issues lurking on your network.

Request Yours Today!

Contact Us

Learn more about what XFER can do for your business.

XFER Communications, Inc.
31478 Industrial Road Suite 200
Livonia, Michigan 48150