Whaling Protection – Cyber Hygiene

As part of your cybersecurity “wellness” or hygiene – here’s a quick bit of advice, gleaned from a local cybersecurity expert:

Hey team,

In an effort to further enhance our company’s cyber defenses, we want to highlight a common cyber-attack that everyone should be aware of – whaling.

Whaling is a type of scam aimed at getting an employee to transfer money or send sensitive information to a hacker acting as a trusted source via email. Whaling is extremely easy to fall for and can result in significant financial losses.

These e-mails can be difficult to catch because they appear to be harmless, and have a normal, friendly tone and no links or attachments. They will appear to come from a high-level official at the company, typically the CEO or CFO, and often ask you to disclose sensitive information or initiate a wire transfer.

A few things to watch out for in a typical whaling attempt:

  • Doppelganger: Whalers may utilize fake e-mail domains that look similar to our domain. Watch out for things like: [email protected]
  • A hurried tone: Whalers will often ask you to send money immediately, stating that they’re busy or in a meeting, and can’t do it themselves.
  • E-mail only: Since whaling relies on impersonating an employee via a fake, yet similar email address, they will ask you not to call with questions and only reply through e-mail.

If you receive an e-mail that you suspect to be a whaling attempt, or if you are unsure of an e-mail’s legitimacy, please do not respond. Contact your tech or security person.

Remember, nobody from yourcompany.com will ever request personal information, usernames, passwords, or money from you via email (or shouldn’t!).

Share:

More Posts

Bookkeep Launches Shopify Partner Program

Selling online is becoming more and more the norm. In today’s ecommerce world, Shopify has become the selling tool of choice for most online merchants. There are also many brick-and-mortar

PSHSB Adopts Multilingual WEA Templates

On January 8, 2025, the Public Safety and Homeland Security Bureau (“PSHSB” or “the Bureau”) released a Report and Order outlining key steps to improve Wireless Emergency Alerts (“WEA”) accessibility