Subscribe to Cyber Resilience Insights
Get the latest cybersecurity news, analysis and tips delivered to your inbox every week.
Protect your executives from a whaling email scam.
A whaling email scam is a type of phishing attack directed at higher level executives or employees with access to financial control. In a whaling email scam, attackers pose as a CEO, CFO or another executive and request a wire transfer be made to an account that turns out to be fraudulent. This type of business email compromise attack relies on social engineering techniques to convince a recipient that an email is sent from a trusted source.
Because a whaling email scam typically does not use malicious URLs or weaponized attachments, it can be more difficult to defend against and regular phishing attacks. 1Whaling email scam incidences are rising sharply – the FBI reported a 270% increase in attacks from January to August 2015, with more than $1.2 billion in losses over two years.
To defend against a whaling email scam, IT teams need email protection software that can easily identify and neutralize attacks before they reach a user's inbox.
Mimecast provides an all-in-one service for email security, archiving and continuity that includes solutions for mitigating advanced threats, simplifying email retention, ensuring continuous access to email and sending large files via email.
As part of Mimecast's email security offerings, Mimecast Targeted Threat Protection with Impersonation Protect provides industry-leading tools to protect organizations and employees from a whaling email scam.
Mimecast Impersonation Protect scans all incoming email for indicators of a potential attack. These include:
When Impersonation Protect determines that an email may be suspicious, administrators can determine whether the message should be bounced, quarantined or tagged with a warning before sending it on to the recipient.
Learn more about stopping a whaling email scam with Mimecast, and about how to send a large file with Mimecast's big file sharing solution for emailing large files directly from a user's inbox, avoiding the need for third-party file sharing services that can compromise security.