7 February 2017

Would you fall for a phishing email? Do you know what one is?computer with code

Being at the helm of a technology firm, it has been fascinating to watch the industry evolve from getting people online, to keeping them safe and now to contending with ever-evolving threats.

We live in an extraordinary world where threats are no longer just physical and they are always evolving. Once one threat is mitigated, there’s a new one on the horizon, or a different version or technique to contend with!

Earlier this month, I wrote a column for IT Pro Portal about whaling. Whaling is the latest evolution of phishing – faked emails aiming to trick recipients into sharing their personal details or clicking an infected link.

More than 80,000 successful phishing attacks occur every day worldwide. That’s more than 80,000 people who click the link and are netted by the baited website into handing over their details. This results in stolen identities, financial loss, credit card fraud and other internet scams and the fallout from an attack like this can be massive. The FBI recently lost 20,000 records from someone calling the helpdesk and pretending to be a new employee! If it can happen to them, it can happen to anyone.

Whaling sees extraordinary sums of money involved in these scams – one MD approved a £30m payment in a single incident.

Why whaling? Because it’s a bigger target than a phish!

In whaling attacks, frontline workers are targeted to gain access to bosses’ credentials and information, helping attackers build a credible method of approach to their target. Posted as urgent and looking legitimate, employees are being duped by the ‘whaling’ techniques, resulting in CFOs and CEOs making massive payments into accounts not run by their company.

These attacks are not going to stop, so it’s your responsibility to be prepared. Rather than just telling your team what to look out for, you actually need to test them. There are three steps you need to take: tell your team, test your team, and then invest in more technology.

If you ever need any advice on this, our experts at Secarma are on hand.

Back to Blog