What is Whaling?

You are probably familiar with phishing, a tactic whereby scammers trick users into giving out their personal information, usually through deceptive spam emails. Most people no longer even open junk emails claiming to be about a fictitious delivery or court date. Looking to catch bigger fish, scammers are trying their luck at whaling.

Are You a Big Phish?

Whaling is a scam that specifically targets high-level business executives, who are valuable targets because of their high-level access. A whaling scam is designed to trick an executive into filling out forms that can lead to identity theft. Whaling can also be used to gain control of an executive’s PC to steal passwords and confidential company information.

The Con

Whalers are slick; they put a lot of effort into creating a personalized message, using references and names that will make the con really believable. Scammers will mine many different resources on the internet and even rummage through physical garbage in order to get details like names of family members, schools attended, hobbies, etc. Scammers even buy executives’ online profiles from each other.

They’ve Got Your Number

Beyond emails, scammers also call and pretend to be from a different office of your company, or from an existing vendor needing more information. Scammers who use phone calls for whaling spend lots of time data mining your life to learn personal information and company culture; they may even have a script prepared. There are actual competitions where phone scammers will get together, pick a company, and see who is the fastest at extracting sensitive corporate information from executives. It’s a hunt, and you are the prey.

What to Do

Scams like these are not typically stopped by antivirus software and firewalls because the victims themselves grant the permissions scammers need to extract sensitive data or download malicious code onto their network.

Educating yourself and your employees about what to look for is your best defense. But network security is equally vital in protecting your company’s network from security threats like phishing and whaling, especially if downloading malware is part of the scam.

