
Last year, an unnamed employee of Pennsylvania-based Alpha Payroll was wrongly fired because he fell for a cyber-criminal's deception. Alpha Payroll is known for processing payroll on behalf of other businesses, but the company will now also be remembered as the victim of a very large phishing scam.

It all started when an employee received an email, apparently from the company's CEO, that said: “send me copies of all the 2015 W-2 forms produced by Alpha Payroll on behalf of its customers.”

The employee had no reason to doubt that the email was genuine, so, attentive and obedient, he did exactly what the CEO had asked.

But the CEO had never sent that email. In fact, the company had a policy prohibiting employees from sharing W-2 information. Still, put yourself in the victim's shoes, a junior employee: would you question an email sent to you by the CEO? Unaware that his boss was being impersonated, the employee handed over the forms and was later fired for it.

It was not until one of Alpha Payroll's clients noticed something odd in its payroll records and notified the authorities that an investigation was opened. By the time Alpha Payroll was brought in it was too late: the company had already been caught up in a criminal's whaling scheme.

Phishing is old-school: mass impersonation emails with no particular target. Spear phishing came next, personalised and aimed at specific people. Now we have whaling, so called because the attackers go after the big fish, senior executives, either as the target of the message or, as at Alpha Payroll, as the identity being impersonated in order to pressure the staff below them.

How does Whaling work?

It is easy for an attacker to borrow the identity of a company executive: the display name on an email can be set to anything, the From address can be spoofed or replaced by a look-alike domain, and a Reply-To header can quietly route the answers to the attacker. The fraudsters then go after employees who are less cautious or less familiar with spotting internet fraud.
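As an added example that is not part of the original article and not Panda Security's code, the following Python script applies the checks a mail gateway or SOC analyst would run against a suspected whaling message: does the display name belong to a known executive but the address to someone else, does Reply-To point elsewhere, is the sender domain a look-alike of the organisation's own, and did the receiving server record a DMARC failure. The domain `alphapayroll.example`, the executive roster, the header values and the three messages are all constructed for the example; the `Authentication-Results` header is only present when the receiving mail server is configured to add it.

```python
"""Heuristic screen for executive-impersonation (whaling) emails.

Added example. Checks the From display name against a roster of
executives, looks for Reply-To redirection, flags look-alike sender
domains, and reads the receiving server's DMARC verdict if present.
All domains, names and messages below are constructed, not real mail.
"""
from __future__ import annotations

from email import message_from_string
from email.utils import parseaddr

ORG_DOMAIN = "alphapayroll.example"  # assumed internal domain
EXECUTIVES = {  # assumed roster: lower-cased display name -> real address
    "pat hughes": "pat.hughes@alphapayroll.example",
}
SENSITIVE_TERMS = ("w-2", "wire transfer", "urgent", "confidential")


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance; a small distance from ORG_DOMAIN suggests typosquatting."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def is_lookalike(domain: str, org: str = ORG_DOMAIN, max_distance: int = 2) -> bool:
    """True for a domain that is close to, but not identical to, the organisation's own."""
    domain = domain.lower()
    return domain != org and edit_distance(domain, org) <= max_distance


def assess(raw_message: str) -> list[str]:
    """Return human-readable findings for one RFC 822 message; empty means nothing suspicious."""
    msg = message_from_string(raw_message)
    findings: list[str] = []

    display_name, sender = parseaddr(msg.get("From", ""))
    sender = sender.lower()
    sender_domain = sender.rpartition("@")[2]

    # Display name of an executive on an address that is not theirs.
    known = EXECUTIVES.get(display_name.strip().lower())
    if known and sender != known:
        findings.append(f"display name '{display_name}' belongs to {known}, not {sender}")

    # Sender domain that merely resembles ours (e.g. 'll' -> '11').
    if sender_domain != ORG_DOMAIN and is_lookalike(sender_domain):
        findings.append(f"sender domain {sender_domain} resembles {ORG_DOMAIN}")

    # Replies silently redirected to another domain.
    _, reply_to = parseaddr(msg.get("Reply-To", ""))
    if reply_to and reply_to.lower().rpartition("@")[2] != sender_domain:
        findings.append(f"Reply-To redirects replies to {reply_to}")

    # DMARC verdict written by the receiving MTA, when it records one.
    if "dmarc=fail" in msg.get("Authentication-Results", "").lower():
        findings.append("DMARC failed for the From domain")

    # Only escalate wording once something else already looks wrong.
    body = msg.get_payload(decode=True)
    text = body.decode("utf-8", "replace").lower() if body else ""
    hits = [t for t in SENSITIVE_TERMS if t in text]
    if hits and findings:
        findings.append(f"request mentions sensitive items: {', '.join(hits)}")
    return findings


# Constructed sample messages.
LEGITIMATE = """\
From: Pat Hughes <pat.hughes@alphapayroll.example>
To: payroll@alphapayroll.example
Subject: Q1 reconciliation
Authentication-Results: mx.alphapayroll.example; dmarc=pass header.from=alphapayroll.example

Please have the Q1 W-2 reconciliation ready by Friday.
"""

SPOOFED_FROM = """\
From: Pat Hughes <pat.hughes@alphapayroll.example>
Reply-To: pat.hughes@replies.example
To: payroll@alphapayroll.example
Subject: W-2 forms
Authentication-Results: mx.alphapayroll.example; dmarc=fail header.from=alphapayroll.example

Send me copies of all the 2015 W-2 forms produced on behalf of our customers.
"""

LOOKALIKE = """\
From: Pat Hughes <pat.hughes@alphapayro11.example>
To: payroll@alphapayroll.example
Subject: Payment

Confidential: approve the wire transfer below today.
"""

if __name__ == "__main__":
    for label, raw in (("legitimate", LEGITIMATE), ("spoofed", SPOOFED_FROM), ("lookalike", LOOKALIKE)):
        print(label, "->", assess(raw) or "no findings")
```

The exact-address spoof is caught only by the DMARC verdict, which is why publishing SPF, DKIM and an enforcing DMARC policy for the company domain matters; the look-alike domain passes DMARC for its own domain and is caught instead by the roster and distance checks. None of this replaces the out-of-band confirmation discussed later in the article.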

According to the FBI, whaling has become such a big problem that it has cost companies in 80 different countries more than 2.3 billion dollars (more than 2 billion euros) in the last three years. Since January 2015 the number of identified victims has increased by 270%, and they include well-known companies such as Mattel, Snapchat and Seagate Technology.


A great way to protect your business is to train your employees properly, especially those who have access to highly sensitive information or who perform delicate operations such as transfers. It is also very important to establish clear policies for passing information or reports between departments, employees and executives: an unusual request for W-2 data or a payment, even one that appears to come from the CEO, should be confirmed through a second channel, such as a phone call to a number already on file, before anyone acts on it.

Traditional protection solutions only react once the attack has already succeeded, when the damage can no longer be undone. For proactive protection, next-generation EDR solutions are the best fit because they monitor every process on the endpoint, malware and legitimate software alike, and flag anomalous behaviour rather than relying only on signatures for already-known threats. Bear in mind, though, that an email like the one sent to Alpha Payroll carries no malware at all, so endpoint tooling must be paired with email authentication (SPF, DKIM and DMARC) and with the training and policies described above.