Thought “whaling” was just something that marine conservationists got upset about? Think again. “Whaling” is a type of scam in which hackers target CEOs or other senior executives. Whaling emails are a step up from spear phishing emails: the hacker researches the company's CEO and then either emails them directly, or emails staff from an address that looks almost exactly like the CEO's, in an attempt to take over a PC, obtain financial details, or get a bank transfer processed.
These emails are not the traditional scam emails we have become overly familiar with:
Good day Sir, you have been left $2,000,000 in your great, great uncle's will in South Africa. I am his attorney. Please send on your bank details and we will transfer the money.
Whaling or spear phishing email addresses will be almost carbon copies of the CEO's or the Financial Controller's email address, with a slight misspelling that you could easily miss when reading in a rush. E.g.
o Emily MacDonald: notice how the double o has changed to a double zero
o Richard Brown: look at the m in acme, it has been replaced by rn
o Isaac King: spot the second s in plastics
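The three substitutions above (o to 0, m to rn, a doubled letter) are exactly the ones a rushed reader misses, so they are worth checking by machine before anyone acts on a mail. The following is an added example, not code from the original post: it folds the common look-alike characters back to the letters they imitate, measures how far the sender's domain is from the domains the company genuinely deals with, and separately flags a mail whose display name belongs to a known contact but whose address does not. The trusted domains, the known contacts and the sample senders are all constructed for illustration.

```python
"""Spot lookalike sender addresses of the kind described above.

Added example, not code from the original post. The trusted domains,
known contacts and sample senders below are constructed for illustration.
"""
import re
from email.utils import parseaddr

# Domains the company genuinely corresponds with (constructed).
TRUSTED_DOMAINS = {"bloomfield.com", "acme.com", "plastics.co.uk"}

# Display names of people whose mail is routinely acted on, mapped to the
# address they really send from (constructed).
KNOWN_CONTACTS = {
    "emily macdonald": "emily.macdonald@bloomfield.com",
    "richard brown": "richard.brown@acme.com",
    "isaac king": "isaac.king@plastics.co.uk",
}

# Substitutions a rushed reader misses. Both the suspect domain and every
# trusted domain are folded with this table before comparison, so a genuine
# "rn" or "0" in a trusted domain is folded the same way and still matches.
HOMOGLYPHS = [("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"), ("3", "e"), ("5", "s")]


def fold(domain):
    """Replace look-alike character sequences with the letters they imitate."""
    d = domain.lower()
    for fake, real in HOMOGLYPHS:
        d = d.replace(fake, real)
    return d


def edit_distance(a, b):
    """Plain Levenshtein distance (insert / delete / substitute), O(len(a)*len(b))."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify_sender(header_value, max_distance=2):
    """Classify the value of a From: header.

    Returns (verdict, detail):
      ("impersonation", address)  a known contact's name on a different address
      ("trusted", domain)         address is on a trusted domain
      ("lookalike", domain)       within max_distance of a trusted domain after folding
      ("unknown", domain)         none of the above; treat as an ordinary stranger
      ("invalid", None)           could not be parsed as an address
    """
    name, addr = parseaddr(header_value)
    addr = addr.lower()
    m = re.fullmatch(r"[^@\s]+@([^@\s]+)", addr)
    if not m:
        return ("invalid", None)
    domain = m.group(1)

    # Strongest signal first: the right name on the wrong address.
    expected = KNOWN_CONTACTS.get(name.strip().lower())
    if expected and addr != expected:
        return ("impersonation", addr)
    if domain in TRUSTED_DOMAINS:
        return ("trusted", domain)

    # Otherwise look for a near miss on any trusted domain.
    folded = fold(domain)
    distance, nearest = min((edit_distance(folded, fold(t)), t) for t in TRUSTED_DOMAINS)
    if distance <= max_distance:
        return ("lookalike", nearest)
    return ("unknown", domain)


if __name__ == "__main__":
    # Constructed sample From: headers, one per case the classifier handles.
    samples = [
        "Emily MacDonald <emily.macdonald@bloomfield.com>",
        "Emily MacDonald <emily.macdonald@bl00mfield.com>",
        "richard.brown@acrne.com",
        "accounts@plasstics.co.uk",
        "newsletter@example.org",
        "not an address",
    ]
    for s in samples:
        print(f"{s!r:55} -> {classify_sender(s)}")
```

A verdict of "lookalike" or "impersonation" is a reason to pick up the phone, not a reason to reply; a verdict of "trusted" only means the address is spelled right, and the tool cannot tell whether that genuine mailbox has itself been compromised. The distance threshold of two is deliberately loose for short domains; raise it for long domain names and tune the fold table to the substitutions you actually see.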
These emails will usually ask you to arrange a bank transfer, to review or sign an attached document (a zip file, Word or Excel file), or to click on a link (to a Google Doc or a malicious website). Once you have clicked on the link or opened the document, malware will attempt to hijack your PC and spread across your network. As soon as you realise something is awry, call a QuickTec engineer immediately. If you have already made a bank transfer, call your bank immediately.
How can you combat whaling or spear phishing threats?
If you receive an unexpected email from a colleague or supplier asking you to make a bank transfer:
o Don't reply by email to check whether it is legitimate. Check the sender's email address carefully, then pick up the phone and speak to the person who requested the transfer, using a number you already have rather than one given in the email.
If you receive an unexpected email asking you to open an attached document to sign, or to click on a link, the same applies:
o Don't reply by email to check whether it is legitimate. Check the sender's email address carefully, then pick up the phone and speak to the person who asked you to open the attachment or click on the link.
Update your Firewall and Anti-Virus
o Make sure you are running the latest version of a business-grade anti-virus product, kept up to date, and a firewall with a current security subscription. Contact QuickTec for options and prices for anti-virus licences and firewalls. These layers of protection filter out a lot of spam and malicious mail, but some whaling emails will still get through. If you click on a malicious link, the firewall will either block the compromised site or pop up a warning that the link is suspicious, and running a full anti-virus scan straight after clicking a suspicious link or opening an attachment can catch the infection. No anti-virus or firewall detects every virus, trojan or piece of malware, though, so it is still better to pick up the phone and call the sender before clicking on suspicious links or attachments.
o Make sure your PCs and server are backed up every night. If you want to avoid downtime, it is best to replicate your whole IT system rather than just back up the critical data. If the hacker's aim is to infect your PC and network rather than to arrange a bank transfer, they may use ransomware to encrypt all of your data and demand payment in Bitcoin, or you lose the lot. If your IT system has been backed up every night you will only lose that day's work, and everything else can be restored from backup without paying the ransom. Keep at least one copy of the backup offline or otherwise out of reach of the network, because ransomware will also encrypt any backup drive it can see, and test a restore from time to time so you know the backup actually works. Call QuickTec to find out whether you're being backed up securely.
Do your Windows updates and patches regularly. As part of a QuickTec support contract, we do the updates and patches for you so you don’t have to worry.
Replace any old Windows XP PCs and Windows Server 2003 servers with a newer, supported version: they no longer receive security patches, so every new hole stays open.
Prevention is better than cure, so if you're unsure if your IT System is safe and secure, call us at QuickTec for a free consultation.