PARTNER BLOG: Whaling Warning for 2016

Tikit is partnered with Mimecast, resells Mimecast email management solutions in the UK and US, and works closely with Mimecast to deliver them to the legal and professional services sector. To find out more about Mimecast and how it could work for your firm, please contact our sales team.


Whaling Warning for 2016

by ORLANDO SCOTT-COWLEY – Cyber Security Strategist at Mimecast

Mimecast today released results of a survey* of IT experts at organizations in the US, UK, South Africa and Australia. The results show the majority (55%) of organizations have seen an increase in the volume of whaling email attacks over the last three months.


Whaling attacks (also known as Business Email Compromise, or BEC) use email sent from a spoofed or similar-looking domain name, made to appear to come from a senior executive, to trick accounting or finance staff into making fraudulent wire transfers to cybercriminals. In the survey, 72% of respondents had seen whaling emails purporting to come from the CEO, and 36% had seen emails attributed to the CFO. This type of targeted attack relies on a significant amount of prior research into the target organization to identify the victim and the reporting hierarchy around them.

Cyber attackers have gained sophistication, capability and bravado in recent years, resulting in some complex and well-executed attacks. Whaling emails can be harder to detect than ordinary phishing emails because they typically contain no hyperlink or malicious attachment for a filter to catch; they rely solely on social engineering to trick their targets.

Social media provides attackers with much of the information they need to execute these attacks, especially when combined with wider research into the target organization. Sites like Facebook, LinkedIn and Twitter provide key details that, when pieced together, give a much clearer picture of the senior executives in the target business: who they are, who reports to them, and when they are travelling.

To help protect against whaling attacks, we’ve collected this group of recommendations for IT teams to focus on in 2016:

  • Educate senior management, key staff and finance teams on this specific type of attack.
  • Carry out tests within your own business. Build your own whaling attack as an exercise to see how vulnerable your staff are.
  • Use technology where possible. Consider inbound email stationery that marks emails originating outside the corporate network and alerts employees to them, so that a message claiming to be from the CEO but sent from an external address stands out.
  • Subscribe to domain name registration alerting services so you are alerted when domains are created that closely resemble your corporate domain.
  • Consider registering all available top-level domains (TLDs) for your domain, although with the emergence of generic TLDs (gTLD) this may not be scalable.
  • Review your finance team’s procedures and consider revising how payments to external third parties are authorized.
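The two technical recommendations above, marking external mail and watching for look-alike domains, can be prototyped with a few lines of code. The following Python is an added example written for this page, not code from Mimecast or Tikit. It assumes a fictional firm (examplelaw.com), a hypothetical list of protected executive names, and constructed sample From: headers; the homoglyph table and the edit-distance threshold of 2 are illustrative choices, not Mimecast's detection logic.

```python
from email.utils import parseaddr

# Constructed sample data for a fictional firm (assumption, not from the advisory).
CORPORATE_DOMAIN = "examplelaw.com"
# Display names most worth protecting: the survey found the CEO and CFO are
# the identities attackers impersonate most often (hypothetical names).
PROTECTED_NAMES = {"jane smith", "tom jones"}

# Character substitutions commonly used to build look-alike domains.
HOMOGLYPHS = [("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"), ("3", "e"), ("5", "s")]


def levenshtein(a: str, b: str) -> int:
    """Edit distance between two strings (insert / delete / substitute)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def fold_homoglyphs(domain: str) -> str:
    """Map look-alike characters back to the letters they imitate."""
    d = domain.lower()
    for fake, real in HOMOGLYPHS:
        d = d.replace(fake, real)
    return d


def is_lookalike(domain: str, corporate: str = CORPORATE_DOMAIN) -> bool:
    """True if domain is not ours but could be mistaken for it by a busy reader."""
    domain = domain.lower()
    if domain == corporate or domain.endswith("." + corporate):
        return False                               # our domain or a real subdomain
    if fold_homoglyphs(domain) == corporate:       # examp1elaw.com, exarnplelaw.com
        return True
    if levenshtein(domain, corporate) <= 2:        # examplelaw.co, example-law.com
        return True
    base = corporate.split(".")[0]                 # "examplelaw"
    # Same base name under another TLD or buried in a longer host name:
    # examplelaw.co.uk, examplelaw.com.mailer-host.net
    return base in domain.split(".")


def classify(from_header: str, corporate: str = CORPORATE_DOMAIN) -> list:
    """Findings for one From: header, least to most worrying."""
    name, addr = parseaddr(from_header)
    domain = addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""
    internal = domain == corporate or domain.endswith("." + corporate)
    findings = []
    if not internal:
        findings.append("external")
        if is_lookalike(domain, corporate):
            findings.append("lookalike-domain")
        # Display-name spoofing: an executive's name over an outside address.
        if " ".join(name.split()).lower() in PROTECTED_NAMES:
            findings.append("display-name-impersonation")
    return findings


def tag_subject(subject: str, from_header: str) -> str:
    """Inbound 'stationery': prefix the subject of anything not sent internally."""
    findings = classify(from_header)
    if not findings:
        return subject
    label = "[EXTERNAL]" if findings == ["external"] else "[EXTERNAL - POSSIBLE IMPERSONATION]"
    return f"{label} {subject}"


if __name__ == "__main__":
    # Constructed sample headers: one genuine, three suspicious.
    for header in [
        "Jane Smith <jane.smith@examplelaw.com>",
        "Jane Smith <jane.smith@examp1elaw.com>",
        "Jane Smith <ceo.office@gmail.com>",
        "Bob Brown <bob@partner.org>",
    ]:
        print(f"{header:45} -> {classify(header)}")
```

The same is_lookalike check can be run against a feed of newly registered domains to implement the alerting recommended in the next bullet; in production you would also want SPF/DKIM/DMARC results from the receiving gateway, since a From: header alone can be forged outright rather than merely imitated.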

For a more detailed analysis, including a breakdown of how whaling attacks are conducted, download Mimecast's whaling security advisory.

*N.B. The survey of approximately 450 IT experts at organizations in the US, UK, South Africa and Australia was conducted in December 2015.

About Mimecast

Mimecast makes business email and data safer for more than 14,500 customers and millions of employees worldwide. Founded in 2003, the Company’s next-generation cloud-based security, archiving and continuity services protect email, and deliver comprehensive email risk management in a single, fully-integrated subscription service. Mimecast reduces email risk and the complexity and cost of managing the array of point solutions traditionally used to protect email and its data. For customers that have migrated to cloud services like Microsoft Office 365, Mimecast mitigates single vendor exposure by strengthening security coverage, combating downtime and improving archiving.

Mimecast Email Security protects against malware, spam, advanced phishing and other emerging attacks, while preventing data leaks. Mimecast Mailbox Continuity enables employees to continue using email during planned and unplanned outages. Mimecast Enterprise Information Archiving unifies email, file and instant messaging data to support e-discovery and give employees fast access to their personal archive via PC, Mac and mobile apps.