Phishing and Whaling

A few months ago we covered a little about phishing – with a “ph.” It’s the millions of e mails sent blindly hoping to get you to click on the link and supply personal information. They’re often from Paypal, E Bay or the Royal Bank claiming your account has been frozen for irregularities. I received three about the Royal Bank and I sure don’t deal with the mega banks. They’re always, always fraudulent so never ever click on them. Think about it, I’d bet your bank doesn’t even have your e-mail address and they never communicate with you by e-mail.

The newest, and way more sophisticated con is called whaling. Whales are big – that’s the implication here. These are e-mails specifically targeted to executives, business owners and big cheeses. These are researched and written very well.
They are generally claiming to be from the Better Business Bureau, a vendor request for invoice information, from a lawyer with a summons or a recruiting firm.

What the crooks want in this case is to have you click on the attachment. Once that’s done, the spyware installs a key logger program that detects all your key strokes on the computer.

They’re not looking to tap that note to your sister, but the spyware is sophisticated enough that the crooks can detect when you’ve logged onto a bank site, your brokerage account or the likes. It then picks up the log in and passwords you’ve entered and as soon as you’re logged out, the crooks go in and clean out the account.

This is a really, really nasty scam that’s hit hundreds of executives already because it’s well researched, written and targeted.

Just make sure you run your anti-spy software regularly and follow my number one rule for these things and any attachments you don’t recognize: Just don’t click!

Leave a Reply

Your email address will not be published.