{"id":1108,"date":"2015-09-14T03:46:24","date_gmt":"2015-09-14T03:46:24","guid":{"rendered":"https:\/\/kinetics.co.nz\/?p=1108"},"modified":"2015-09-14T03:46:24","modified_gmt":"2015-09-14T03:46:24","slug":"spearphishing-aka-whaling","status":"publish","type":"post","link":"https:\/\/new.kinetics.co.nz\/?p=1108","title":{"rendered":"Spear-Phishing (aka Whaling)"},"content":{"rendered":"

There’s yet another new, and nasty, ‘phishing’ attack doing the rounds.\u00a0\u00a0 We’ve heard it called SpearPhishing, or Whaling.\u00a0 Here’s how it works.\"Scam\"<\/p>\n

The villains research the name of your CEO and your accountant\/CFO.\u00a0 This is often just a matter of looking on your website for the names.\u00a0 Then they send the accountant an email, pretending to be from the CFO.<\/p>\n

They are very clever at how they spoof this, picking an email address that’s close enough to be legitimate that you are fooled unless you look really carefully.\u00a0\u00a0 The CFO replies – the (fake) ‘CEO’ responds with the necessary details and confirms the instructions.\u00a0 The poor accountant thinks they are getting a legitimate instruction from the CEO.\u00a0 Here’s an example we saw last week from a client (read it from the bottom up)<\/p>\n

These villains are very clever.\u00a0 The emails look credible, especially given that they purport to come from something like an iPad, that means the reader forgives the poor formatting and spelling errors.\u00a0 The messaging is credible, but the dollar amount is enough to raise flags.\u00a0 Imagine if it were a smaller amount!<\/p>\n

Luckily in this case, our client’s CFO was much too alert and they picked up on the scam straight away.\u00a0\u00a0\u00a0\u00a0It’s clearly fairly widespready – we noticed NBR reporting it as well<\/a>, so it’s doing the rounds!\u00a0 In the meantime, just as this client did, manually verify the instruction – send a new email (don’t just reply) or phone the person.<\/p>\n

 <\/p>\n","protected":false},"excerpt":{"rendered":"

There’s yet another new, and nasty, ‘phishing’ attack doing the rounds.\u00a0\u00a0 We’ve heard it called SpearPhishing, or Whaling.\u00a0 Here’s how it works. The villains research the name of your CEO and your accountant\/CFO.\u00a0 This is often just a matter of looking on your website for the names.\u00a0 Then they send the accountant an email, pretending […]<\/p>\n","protected":false},"author":5,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","footnotes":""},"categories":[4],"tags":[],"class_list":["post-1108","post","type-post","status-publish","format-standard","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/posts\/1108","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1108"}],"version-history":[{"count":0,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=\/wp\/v2\/posts\/1108\/revisions"}],"wp:attachment":[{"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1108"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1108"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/new.kinetics.co.nz\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1108"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}