UK businesses are being urged to safeguard against cyber threats following a series of attempted “whale phishing” attacks. In one case, a fraudster impersonated the managing director of ResourceBank in an email sent to the company’s accounts coordinator requesting a bank transfer.
Whale phishing is a targeted form of phishing in which attackers impersonate or target senior executives and decision makers in order to obtain financial information and credentials such as credit card details, bank account numbers and passwords. Probrand is warning businesses to be more vigilant as security breaches become increasingly targeted.
Richard Pearson, managing director at ResourceBank, said: “Our accounts coordinator received an email asking for a money transfer. In terms of look and feel, the email was extremely convincing, with the same footer and logos as our standard sign-off.
“When she clicked to reply, she noticed that the email address was entirely different. At this point she flagged up the email to the IT department, who contacted Probrand to analyse it. Probrand applied their security software and confirmed it as a fake.”
Mark Allbutt, technical manager at Probrand Ltd, said: “Whale phishers will often try to gather some initial information about you to make it appear as though they are a trusted and recognised source. This includes creating identical email footers and logos, which hackers will often access by compromising your device – or the device of someone that you have emailed before.
“It’s essential that businesses are aware of these types of threats and have processes in place to safeguard against them.”
Probrand’s top three tips to safeguard against whale-phishing:
Use an effective sender policy framework
Whale phishing impersonates staff, sending requests for sensitive information or monetary transfers from what appears to be a recognised email address. However, when targeted recipients reply to these emails, the address will often be completely different.
Sender Policy Framework (SPF), used alongside a spam filtering solution, lets a receiving mail server validate an incoming message by checking that the host delivering it is one the sending domain’s administrators have authorised in that domain’s DNS record. Note that SPF is evaluated against the envelope sender (the Return-Path), not the From address the user sees, so the filtering solution should also check that the two domains align, which is what DMARC enforces, and that the Reply-To address matches the apparent sender.
This makes it much harder for a change of sending address to go unnoticed. To avoid becoming complacent, businesses can – and should – regularly review and fine-tune their spam filtering rules so that would-be attackers cannot rely on a static configuration.
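To show the two checks this tip describes, here is an added Python example; it is not Probrand’s or the article’s own code. It pairs a minimal SPF evaluator, run against the envelope sender, with a header comparison that catches the reply-address mismatch the accounts coordinator noticed. The domains, IP addresses, SPF records and messages are constructed for illustration, and the evaluator is an assumption standing in for a real SPF library or mail gateway: it understands only ip4, ip6 and all mechanisms, because include, a, mx and redirect need DNS lookups.

```python
import ipaddress
from email import message_from_string
from email.utils import parseaddr

# Constructed SPF records, as they would be published in DNS TXT records.
# Only ip4/ip6/all mechanisms are used so the example needs no DNS lookups.
SPF_RECORDS = {
    "victim-corp.example": "v=spf1 ip4:203.0.113.0/24 -all",
    "mailer-attacker.example": "v=spf1 ip4:198.51.100.0/24 -all",
}

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def spf_check(record: str, client_ip: str) -> str:
    """Evaluate a minimal SPF record against the IP that delivered the mail.

    Supports ip4:, ip6: and all with the four qualifiers. include/a/mx/exists
    and redirect= require DNS and are treated as non-matching here (an
    assumption for this offline example). Returns a standard SPF result.
    """
    ip = ipaddress.ip_address(client_ip)
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return "none"  # no (valid) SPF record published for this domain
    for term in terms[1:]:
        qualifier = "+"
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        mechanism, _, argument = term.partition(":")
        mechanism = mechanism.lower()
        if mechanism == "all":
            return QUALIFIERS[qualifier]
        if mechanism in ("ip4", "ip6"):
            try:
                network = ipaddress.ip_network(argument, strict=False)
            except ValueError:
                return "permerror"
            if ip.version == network.version and ip in network:
                return QUALIFIERS[qualifier]
    return "neutral"  # nothing matched and no trailing "all" mechanism


def domain_of(header_value):
    """Return the lower-cased domain of an address header, or '' if absent."""
    _, address = parseaddr(header_value or "")
    return address.rpartition("@")[2].lower()


def analyse(raw_message: str, client_ip: str, spf_records=SPF_RECORDS) -> dict:
    """Run the checks a receiving gateway would apply to one message."""
    msg = message_from_string(raw_message)
    from_domain = domain_of(msg["From"])
    reply_to_domain = domain_of(msg["Reply-To"]) or from_domain
    envelope_domain = domain_of(msg["Return-Path"])  # what SPF is evaluated on
    spf = spf_check(spf_records.get(envelope_domain, ""), client_ip)

    findings = []
    if reply_to_domain != from_domain:
        findings.append(f"Reply-To domain {reply_to_domain} differs from From domain {from_domain}")
    if envelope_domain != from_domain:
        findings.append(f"envelope sender {envelope_domain} does not align with From domain {from_domain}")
    if spf in ("fail", "softfail", "none"):
        findings.append(f"SPF {spf} for {envelope_domain} from {client_ip}")
    return {"spf": spf, "from_domain": from_domain, "reply_to_domain": reply_to_domain,
            "envelope_domain": envelope_domain, "findings": findings}


# Constructed messages. The first mimics the case in the article: the visible
# From address looks like the MD, but a reply would go somewhere else entirely.
SPOOFED_MSG = """\
Return-Path: <bounce@mailer-attacker.example>
From: Managing Director <md@victim-corp.example>
Reply-To: Managing Director <md.victim-corp@webmail.example>
To: accounts@victim-corp.example
Subject: Urgent transfer

Please process the attached payment today.
"""

# Direct forgery of the envelope sender from an unauthorised host.
FORGED_MSG = """\
Return-Path: <md@victim-corp.example>
From: Managing Director <md@victim-corp.example>
To: accounts@victim-corp.example
Subject: Urgent transfer

Please process the attached payment today.
"""

# Genuine internal mail delivered from an authorised host.
LEGIT_MSG = """\
Return-Path: <md@victim-corp.example>
From: Managing Director <md@victim-corp.example>
To: accounts@victim-corp.example
Subject: Q3 figures

Figures attached, no action needed.
"""

if __name__ == "__main__":
    for label, raw, ip in (("spoofed", SPOOFED_MSG, "198.51.100.7"),
                           ("forged", FORGED_MSG, "198.51.100.7"),
                           ("legit", LEGIT_MSG, "203.0.113.25")):
        result = analyse(raw, ip)
        print(label, result["spf"], result["findings"])
```

The spoofed message passes SPF because the attacker uses their own domain as the envelope sender and has published a valid record for it; only the alignment and Reply-To checks flag it. That is why the filtering layer must compare the visible From address with the address a reply would actually reach, not rely on SPF alone.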
Don’t accept the norm
There is a culture among businesses of accepting anything from ten to fifty spam emails a day as normal. Accepting this as the norm simply isn’t good enough: genuine spam should not reach workers’ mailboxes at all.
A good starting point is to differentiate between different types of spam – mass mailers that may prove frustrating but come from a legitimate source, versus those that are completely disingenuous, and potentially harmful.
It’s important that IT managers and directors listen to users to monitor the level of spam that is continuing to come through; equally, that users are proactive in coming forward and reporting suspicious emails.
There is, of course, an element of common sense when it comes to whale phishing. A large part of this lies in educating staff about the nature of these attacks, so that employees become better at spotting the warning signs. Crucially, always verify any request to transfer money or share sensitive information out of band, for example by phoning the apparent sender on a number you already hold, rather than by replying to the email.