WHALING
The highly targeted form of phishing that targets executives
WHAT IS WHALING?
Whaling is a form of Business Email Compromise (BEC), a highly targeted phishing attack aimed at senior executives within an organization. Whaling is digitally enabled fraud through social engineering, designed to encourage victims to perform a secondary action, such as initiating a wire transfer of funds.
Losses Exceed $26 Billion
Business email compromise (BEC) and email account compromise (EAC) losses have surpassed $43 billion globally.
(source: FBI)
17,607 Attempts in 2020
In 2020 there was a total of 17,607 seen attempts at implementing a CEO Fraud scam, up from 13,055 at the end of 2020.
(source: Statista)
1/3 of all Cybercrime Losses
More than a third of all cybercrime losses can be attributed CEO Fraud/BEC. $2.4B lost by US businesses in 2021.
(source: IC3 Crime Report 2021)
WHAT DOES WHALING LOOK LIKE?
Unlike mass spam or phishing campaigns, whaling attacks are highly targeted and often extensively researched. They typically contain no malicious attachments or URLs, which helps evade detection by traditional email filters.
Typosquatted Domain
The attacker has legitimately registered a ‘typosquatted’ domain. Look more closely at the first ‘p’, it is actually the Greek letter ‘Rho’ ρ. Cyrillic characters are often used in typosquatted domains and can be extremely difficult for a busy employee to notice the slight differences. It will likely pass SPF, DKIM and DMARC checks too.
No Links or Attachments
The absence of links or attachments, renders AV engines and sandboxes obsolete. To the recipient, this email may look indistinguishable from a genuine one.
Social Engineering
Posing as the CEO, the attacker is using language to that creates a sense of urgency and exerts significant pressure on the recipient to comply.
HOW DOES MESH PROTECT AGAINST WHALING?
Mesh applies over 250 unique filters to every single email it processes, protecting against the full spectrum of email attacks. Combining machine learning, predictive threat intelligence and advanced content analysis, Mesh identifies indicators of compromise, fraud, impersonation, phishing, malicious content, spam, and unsolicited marketing emails, keeping organizations and their people safe.
Impersonation Detection
Mesh analyzes email content, language, tone and cadence, combined with checks against the sending domain, display name, and username, for matches and/or similarities with the recipient organization.
Contextual Banners
Informed employees are safer employees. Banners can be applied to emails warning of danger or advising caution, empowering employees to safely navigate their inbox. Banners are customizable.
Predictive Threat Intelligence
Knowing what regular email traffic looks like makes it easier to recognize anomalistic email. Mesh utilizes a combination of Passive DNS Sensors, Deep-Relationship Analysis, Neural Networks and other information sources to detect abnormalities.
Its ability to detect emails specifically targeting high-risk individuals is incredibly reassuring
Mesh has significantly reduced the amount of email-related tickets we receive. The ability to manage everything centrally from partner level makes our job so much easier - we can make changes for all clients in one go. Onboarding was quick and painless, both our engineers and end-users took to it straight away.”
Jason Gilmer
Network Admin at Reading Bakery Systems
Ready to get started?
Make your customers safer and
your MSP more efficient.
MSP Success Stories
Discover how your MSP peers have made their MSPs more efficient and profitable, while delivering better email security to their customers.
Mesh is not for everyone
We’re developing the only email security platform built exclusively for MSPs, but nobody is perfect and Mesh is not for every team.