If you’re a CEO, a boss, a social media influencer, or in a position of a higher power, then this is a scam you need to watch out for. Your employees could be receiving emails with links leading to fake websites, thinking that they are from you. Once they open up these fake websites, they are in for a surprise when there is a form to fill out your business’ very private information. They then wonder if they should trust this form, and most likely they will since the email says it’s from you. Make sure that you let your employees know about this horrifying CEO fraud scam.
CEO Fraud Phishing Emails: How Does a Whaling Attack Work?
A whaling attack is basically just another term for CEO fraud phishing emails. Whaling attacks focus on higher executives with some sort of power, such as a CEO, boss, or an influencer of some sort. They usually impersonate the person with higher power and email their employees a link to a fake website.
On this fake website, it contains a form that asks for the business’ personal and financial information. Once the victim puts down the information, the scammer then uses it for their own well being. They can now impersonate the business when signing up for credit cards and other benefits, while also stealing funds from the business’ bank accounts.
Examples of Businesses That Faced Whaling Attacks
- Snapchat: The payroll department received an email from a scammer pretending to be their CEO asking for payroll information about their employees.
- Mattel: Their top finance executive received an email from someone impersonating their new CEO. They almost lost $3 million due to this incident.
How to Avoid CEO Fraud
- Train your employees to not give away the company’s secret information to anyone over email.
- Teach your employees your official email address and ask them to look for misspellings from any email sent to them.
- Keep your social media information private and don’t tell anyone what your log-in information is.
- Don’t discuss finances over email and plan meetings in-person (or video chat) to discuss financial decisions.
- Report any CEO fraud and whaling attacks to the FTC.
Social Catfish is Here to Help You!
At Social Catfish, we want to help you verify the identities of those who might seem suspicious to you. If you have their name, email address, phone number, social media username, or image, you can reverse search and see who the suspected person was that you’ve been in contact with if you think you’ve been a victim of CEO fraud.
No sales pitches, no games, and one-click unsubscribe.