Insights from the UK and beyond
Gone whaling: Web fraudsters land a bigger catch
Then there was “spear phishing” – more sophisticated, targeted attempts to defraud specific organisations or their customers.
Now online fraudsters are trying to land even bigger catches by harpooning company bosses and their senior managers.
This latest and most audacious technique is called “whaling”
Fraudsters attempt to lure executives to reveal sensitive details about their business or click on a link in an email that will secretly download malicious software onto their computer.
Criminals could then attempt to defraud the company using the information they quietly gather.
Guy Bunker of Symantec, the Internet security company, says: “Whaling is basically going after the big fish in the sea. It’s targeting people at the top of the organisation.”
“There have been attacks in the States where a whole bunch of CEOs get sent a very official looking email that say you’ve been subpoenaed in court. If you click on this link you’ll get the citation.”
The link was the bait and the boss has exposed his corporation to fraud.
The extent of that problem was laid bare at Infosecurity Europe, an annual computer security conference held in west London.
A government-sponsored survey carried out by PricewaterhouseCoopers said online fraud costs the British economy alone about 6 billion pounds a year.
And with more business carried out online, the problem shows no signs of going away.
Lord Erroll, a technology expert in the House of Lords, told the conference: “The world isn’t going to change with a new generation coming through. It will have gullible and greedy people in it as well.
“So there will be people who do things wrong and are stupid and get conned. Technology alone isn’t going to protect people.”