Three things you can do today to prevent a whaling attack

Updated: Oct 15, 2021

Whaling is a highly targeted phishing attack, often aimed at senior executives. Like a phishing attack it is masquerading a fraudulent message as a legitimate email, phone call or social media message. The aim is to execute digitally enabled fraud through social engineering, designed to encourage victims to perform a secondary action i.e., a wire transfer of funds.


So, as a senior executive, how can you prevent such an attack?

· Educate employees of all levels

many people have the view that phishing scams are easy to spot, which is why they may be unsuspecting of a whaling attack. Help your team learn how to spot the warning signs of a whaling attack.

· Whaling prevention protocols

an easy way to prevent an attack is to implement verification requests for sensitive information through other channels – for example two personnel to sign off for monetary requests.

· Data Loss Prevention (DLP) software

this software can block any violation to protocols you have put in place; it can also flag emails based on the name and age of the domain. Newer domains are much more suspect. It can also flag suspicious keywords like “wire transfer”.


For more information on how to stay safe online visit our website https://www.nebrcentre.co.uk/ where we offer a range of resources, including a FREE core membership package.