Whaling Attacks Jump Again in Q1

Three-quarters of UK IT professionals have seen an increase in whaling attacks this year designed to trick staff into transferring funds outside the organization, according to new research from email security firm Mimecast.

The vendor polled over 400 IT experts in the US, UK, South Africa and Australia in March 2016 to ask them about the state of play in the first three months of the year.

In the UK, the number of respondents who saw an increase in such incidents rose from 55% in December 2015 to 75% in March this year.

Also gaining in popularity are similar scams in which fraudsters look to elicit confidential information like HR or tax records. Some 38% of UK respondents claimed they saw an increase over the period.

When it comes to global figures, 67% of respondents said they saw a jump in the number of whaling incidents designed to defraud them of revenue, while 43% saw an increase in attacks looking for sensitive corporate information.

Whaling, or Business Email Compromise (BEC), typically involves a cyber scammer using a spoofed domain to pose as a company CEO or CFO.

They’ll often ask a senior member of the finance team to transfer funds to an external bank account – so the attack relies in large part on social engineering.

The FBI warned back in February of a sharp rise in BEC incidents, generating as much as $2 billion over the past two years and $800m in the previous six months alone.

To combat this growing threat, Mimecast has released a new cloud service designed to monitor for specific domain names and keywords like ‘wire transfer’ and ‘tax form’ – and alert IT teams to any suspicious activity.

Impersonation Protect enables security teams to block such emails or display additional security warnings to raise employee awareness.

“Whaling attacks have been growing around the world as cyber-criminals change their tactics to circumvent traditional email security techniques,” explained Mimecast security product manager, Steven Malone.

“Even the smartest employees can fall victim to these malware-less attacks designed to steal money or confidential data. Employee education and rigorous business processes play an important role but at Mimecast we believe advanced pattern recognition can play a larger role in identifying social engineering attacks.”

Source: Information Security Magazine