Whaling is a form of phishing that targets businesses by sending emails to finance departments impersonating a chief executive or chief financial officer to trick employees into making deposits. Employees then process the payment, as they believe that the request came from a senior executive, and the fraudsters get away with the money. Financial institutions and private businesses are the primary targets for whaling scams, which generally require a lot of planning to be successful.
How does whaling work?
Fraudsters often make use of social engineering to gather information.
They trawl through social media sites and may even contact employees in the
organisation to get the required information. Fraudsters may even go as far as
getting a copy of the email template and electronic signature used by the
targeted executive to make the email seem more legitimate.
Fraudsters determine who in the organisation can make large payments and
source the relevant contact details and any other information that they can use
to make the payment request seem more legitimate.
Having gathered the required information, fraudsters send a false email
from the executive asking that the employee make a payment into an external
account hoping that payment will be made.
Remember: Fraudsters rely on the fact that employees will never question an instruction from an executive. We are all very busy and often do not take the time to look at the format, layout, grammar and punctuation in emails we receive. We merely scan through them before we act. Be careful.
How to protect yourself
Make sure that the email address on the email you have received is correct and that it matches the email address on your business system. Fraudsters often make small changes, such as adding a full stop or changing one letter, hoping that you won't notice.
Look out for odd requests and if you get emails that seem strange or out of the ordinary, contact the senders and confirm that the email came from them. Do not click on links in a suspicious email, as you might unknowingly download malware onto your computer.
Be careful what you disclose on social media. Fraudsters make use of social media to gather information about their targets to make their emails seem more legitimate.
Don't disclose confidential information about Nedbank or your colleagues to third parties over the telephone, as you might be talking to a fraudster.
What to do if you receive such an email
If you receive an email that you suspect is fake, delete it and inform Nedbank Lesotho immediately by calling our Greenline on 800 22 072 or 800 55 777. Do not respond to the email and do not click on any links.
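The address check described under "How to protect yourself" can be automated at the mail gateway or in a finance team's intake script. The following is an added example, not part of the original page: it compares a sender address with the addresses held on the business system and flags near-misses such as an added full stop or one changed letter. The directory entries, the `example.com` domain and the function names are constructed for illustration.

```python
from email.utils import parseaddr

# Constructed directory of executive addresses as held on the business system.
KNOWN_SENDERS = {"jane.doe@example.com", "cfo@example.com"}


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance: each insert, delete or substitution costs 1."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # delete ca
                           cur[j - 1] + 1,              # insert cb
                           prev[j - 1] + (ca != cb)))   # substitute
        prev = cur
    return prev[-1]


def classify_sender(from_header: str, known=KNOWN_SENDERS, max_edits: int = 1):
    """Return (verdict, closest_known_address_or_None) for a From header.

    match     - address is exactly one held on the business system
    lookalike - address is within max_edits changes of a known address
    unknown   - address resembles nothing in the directory
    invalid   - no usable address in the header
    """
    # Ignore the display name: it is free text and trivially forged.
    addr = parseaddr(from_header)[1].strip().lower()
    if not addr or "@" not in addr:
        return ("invalid", None)
    if addr in known:
        return ("match", addr)
    closest = min(known, key=lambda k: edit_distance(addr, k))
    if edit_distance(addr, closest) <= max_edits:
        return ("lookalike", closest)
    return ("unknown", None)


if __name__ == "__main__":
    for hdr in ("Jane Doe <jane.doe@example.com>",      # genuine
                "Jane Doe <jane.d.oe@example.com>",     # added full stop
                "Jane Doe <jane.doe@examp1e.com>",      # one letter changed
                "Jane Doe <jane.doe@mail-example.net>"):  # right name, other domain
        print(hdr, "->", classify_sender(hdr))
```

A "lookalike" or "unknown" verdict on a payment request is a prompt to confirm with the executive through a known contact channel before any payment is processed.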
A lot of fraud stems indirectly from identity theft. And many victims only realise their identities have been stolen and misused when they apply for credit.
Phishing, smishing and vishing are all attempts to defraud you through email, mobile, and telephoning scams respectively. Letting your guard down just once can lead to a cascade of serious losses.
With a beneficiary maintenance scam you'll usually get a fax or email on one of your beneficiaries' letterheads telling you that their banking details have changed. They will then ask you to pay future payments into their new account. As soon as you have made the payment the fraudsters will quickly withdraw the money, while the real beneficiary is left unpaid.