Whaling email scam

Protect your executives from a whaling email scam.

Protect Your Executives From A Whaling Email Scam.

A whaling email scam is a type of phishing attack directed at higher level executives or employees with access to financial control. In a whaling email scam, attackers pose as a CEO, CFO or another executive and request a wire transfer be made to an account that turns out to be fraudulent. This type of business email compromise attack relies on social engineering techniques to convince a recipient that an email is sent from a trusted source.

Because a whaling email scam typically does not use malicious URLs or weaponized attachments, it can be more difficult to defend against and regular phishing attacks. 1Whaling email scam incidences are rising sharply – the FBI reported a 270% increase in attacks from January to August 2015, with more than $1.2 billion in losses over two years.

1 "FBI Warns of Dramatic Increase in Business E-Mail Scams" - Federal Bureau of Investigation, April 2016

Prevent a whaling email scam with help from Mimecast.

To defend against a whaling email scam, IT teams need email protection software that can easily identify and neutralize attacks before they reach a user's inbox.

Mimecast provides an all-in-one service for email security, archiving and continuity that includes solutions for mitigating advanced threats, simplifying email retention, ensuring continuous access to email and sending large files via email.

As part of Mimecast's email security offerings, Mimecast Targeted Threat Protection with Impersonation Protect provides industry-leading tools to protect organizations and employees from a whaling email scam.

How Mimecast stops a whaling email scam.

Mimecast Impersonation Protect scans all incoming email for indicators of a potential attack. These include:

  • The display name or friendly name in order to spot a spoofed Internet email address.
  • The domain name of the sender's email address in order to determine if it is a near match to the recipient's domain name. A whaling email scam will frequently use a domain name that appears to be a trusted domain but in reality has slight and subtle differences.
  • The age of the sender's domain name, as attackers often use recently registered domains.
  • Certain suspicious keywords in the message, including phrases like "wire transfer" or "bank transfer."

When Impersonation Protect determines that an email may be suspicious, administrators can determine whether the message should be bounced, quarantined or tagged with a warning before sending it on to the recipient.

Learn more about stopping a whaling email scam with Mimecast, and about how to send a large file with Mimecast's big file sharing solution for emailing large files directly from a user's inbox, avoiding the need for third-party file sharing services that can compromise security.