New Zealand businesses targeted in “whaling” cyberthreat scam

ADC are seeing an increase in the frequency of the “whaling” email based scam in New Zealand

Whaling is a digital con which has the objective of swindling businesses into divulging confidential company information or to effect an international money transfer. The latter, we are seeing more often.

In the case of the money transfer scam, the CFO, Financial Controller or Accounts Payable Officer of an organisation is targeted as the “mark” after some research into the company. An email is sent to the mark and carefully crafted so as to look like it is from the CEO or business owner. The email may even look like it comes from the business owner’s email address and will state that they “require an urgent international money transfer”.

At this point, if the Financial Controller replies to the scammer, dialogue begins regarding where payment is required to be made.

In 2015, the Executive Director of Finance at Te Wananga o Aotearoa fell victim to the scam and transferred US$79,000 to an offshore bank account. Details of the case are available here. This is just one example of many.

The Department of Internal Affairs released information regarding these scams last year here.

Unfortunately, traditional anti-spam methods will generally not block these emails.

Although many people will recognise this as being a scam, ADC recommend that you make phone contact to confirm any such request made to you.

As always, the best line of defense is vigilance.