Humpback Whale
Image by Brigitte Werner from Pixabay

Whaling Phishing Scams

You get an email from your “boss” (or someone else you know) with the subject “Got a moment” asking “Are you available?” You want to help, and reply asking what you can do. They are in a meeting or can’t access the internet right now, but they need your help urgently.

Whaling is a form of spear phishing that exploits our trust and deference to authority figures. It is also know as CEO fraud, where someone pretends to be a manager or CEO.

They ask you to call a 1-900 number or to buy some Amazon gift cards and email them the serial numbers. By then you guess that something is fishy, and take a closer look at the email address. It’s not from an @msvu.ca address, but from firstname.lastname.msvu.ca@gmail.com. MSVU staff have been receiving these types of imposter phishing emails since August 2019.

If you called that number, you would end up with an expensive charge on your phone bill from a company in a faraway land. That is known as “toll fraud” or “International Revenue Share Fraud”.

If you sent them the serial numbers, well you just sent them cash.

In more serious email scams, organizations have been defrauded millions of dollars using fake, imposter email accounts.

Whaling Red Flags

Watch out for emails with any of these red flags:

  1. A “{Spam?}” warning tag in the subject line
  2. The sender email address is not from @msvu.ca and doesn’t match the senders name
  3. A warning that says “This message was marked as spam using a junk filter other than the Outlook Junk E-Mail filter.”
  4. A warning that says something like “[FIRST.LAST@RANDOMSITE.CH appears similar to someone who previously sent you email, but may not be that person. Learn why this could be a risk at http://aka.ms/LearnAboutSenderIdentification.]”
  5. They request you to do something quickly
  6. They ask you to buy gift cards and then email them back the serial numbers

These red flags may mean that the sender is impersonating someone you know. Maybe it is your boss emailing you from their real Gmail account, but always check the email address of messages that contain these warnings to make sure it’s legit.

Please forward suspicious emails to phishing@msvu.ca.

Whaling phishing example