Unless you’re in the tech world, you’ve probably not heard of a whaling attack before, at least not in the context I am going to be talking about it!

But as the business owner, it’s your responsibility to be aware of any risk that could threaten your data security and therefore your business

Whaling – sometimes called MD or CEO fraud – involves impersonation.

Cybercriminals pretend to be an organisation’s MD/CEO, Director, Line Manager or Supplier in order to access funds or sensitive data.

Whaling is aimed at high level individuals, such as directors, heads of departments and managers. And attacks are on the rise…

As more of us work in a hybrid environment and communication of all kinds has grown and grown, this form of social engineering tries to catch people off guard. As they feel unable to refuse a request from someone appearing to be the head of their company, or their manager.

If you are asked to transfer money, provide sensitive information or click on links, it’s always worth taking a moment, to stop and think.  Would it be the sort of thing you would expect from this person?  If you are unsure it is always best to validate with a phone call to make sure the person the message appeared to come from actually did send it.

Always be aware of unfamiliar email addresses, changes to banking details, and a heightened sense of urgency.  Requests for confidential information should always be verified by another means as a general rule and any personal confidential information should always be sent in an encrypted form.

For more information about cyber security, get in touch with us today.