The FBI has issued a warning over a massive increase in business email scams or ‘whaling attacks’, which have cost businesses a staggering $2.3bn in losses in under three years.
Victims of whaling attacks typically lose huge sums of cash and this is reflected in the FBI’s updated figures.
While it's unclear who is behind these attacks and what their nationality is, according to the FBI's figures, most of the transfers are going to banks located within China and Hong Kong. That may be because, as an Associated Press report highlighted last month, China is emerging as an international hub for money laundering.
Whaling attacks typically involve setting up a bogus email account that appears similar to that of a senior business figure, such as the CEO, at a company. The attacker then emails a financial controller with urgent instructions to wire a transfer to a known supplier. The attackers typically target businesses that work with foreign suppliers.
The latest FBI update on the scam comes from its Phoenix, Arizona office. According to it, the average loss per victim in Arizona is between $25,000 and $75,000, however there are numerous cases where losses exceed these amounts.
The FBI’s advice to business is to be cautious of email requests to wire money and if the request is to send funds to a business partner, call the business partner first. Anyone with access to the company purse strings should also be wary of spoofed email addresses.
Take this 5 minute survey on The State of Cloud Storage & Collaboration 2016 and go in the draw to win a $500 Visa credit card.Start Survey NOW
- Job hunting? White House seeking a CISO
- Criminals abuse eBay-owned Gumtree.com.au to spread malware
- IoT security threat a rising tide, not a tidal wave: LogMeIn CEO
- After security scare, Facebook backs Google’s rogue certificate tracker
- Cyberwar Incident Response at the Speed of Thought
- Ad-serving standard could be supporting malvertising
- Baffled by tanking Google traffic? Safe Browsing now has better answers