I am sure most of you are aware of phishing which is when you receive an email from what seems like a reputable source but is actually a hacker trying to get information. Typically, these fake emails can be spotted as they address you as “loyal customer” rather than by your name, are grammatically poor and almost always ask you to supply confidential details such as a password or account number.
Now there is a new subcategory of phishing known as “whaling” and, according to cyber security advisor Smarttech 247, the number of these attacks tripled throughout the last year.
Although similar in many ways to phishing, whaling specifically targets companies and businesses. Typically the whaler imitates or exploits the CEO’s email address and sends messages to senior management and staff. These usually take the form of an urgent request for sensitive or confidential information.
The recipient will naturally want to respond to the boss efficiently and often sends the information without thinking too closely about it. Who is going to question the boss, especially if the query is marked ‘urgent’?
Employees need to be made aware of this new threat and be prepared to question their superiors. It may lead to some minor embarrassments along the way but sooner that than disclosing confidential company information to criminals.