As our digital world expands, so does the danger of cyber threats. Recently, thousands of people have fallen prey to online scams, losing their hard-earned money to cunning fraudsters. These scammers employ various deceitful tactics, extending beyond simple schemes like fake job offers or liking YouTube videos. They’ve grown more sophisticated, targeting corporations with well-planned strategies, such as Whale Phishing, which resulted in the loss of approximately Rs 4 crore from a Pune-based firm.
A senior accounts officer from a real estate company in Pune recently brought attention to a shocking case. The officer lost around Rs 4 crore after receiving messages from an unfamiliar sender. According to The Indian Express, the officer received a message on January 25 from an unknown number claiming to be the Chairperson and Managing Director (CMD) of the company.
The message instructed the officer to conduct a Real-Time Gross Settlement (RTGS) transfer of Rs 60 lakh to a specified account, citing the CMD’s busy schedule. Trusting the message, the finance officer complied and sent the Unique Transaction Reference (UTR) number to the fraudulent CMD.
The scammers didn’t stop there. Over the following days, they demanded more money, posing as the CMD. On January 26, they requested the company’s bank account details and instructed the officer to transfer Rs 27 lakh, Rs 50 lakh, and Rs 40 lakh. Falling victim to the deceit, the officer made 14 additional transfers in the next four days, totalling more than Rs 2.2 crores.
In total, the officer initiated 18 transfers, amounting to Rs 4.06 crores. Throughout the ordeal, the fraudsters ignored the officer’s calls and reassured him via text messages, promising resolution later.
The truth dawned on the officer when he finally spoke with the real CMD, who had returned from a trip abroad. It became clear that the CMD had not authorized any such transactions. Subsequently, the finance office filed a complaint with the Pune City police, leading to the registration of an FIR.
Whale Phishing, also known as CEO scam, is a type of cybercrime that targets senior executives or influential individuals within organizations. In this case, scammers meticulously researched their target and the company, using various online sources to create convincing messages resembling those from the actual individuals. The aim is to trick the target into revealing sensitive information or transferring funds to the attackers.
That is why we keep saying, protect your key users; they are more vulnerable!
Take the next step toward protecting your executives with a free trial of Acronis Cyber Protect – AI Powered Email Security.
To avoid falling victim to such scams, individuals and organizations must exercise caution. Be wary of unsolicited emails, texts, or calls, especially those demanding urgent or confidential actions. Verify the sender’s identity through a separate channel before complying with any requests. Refrain from clicking on suspicious links or opening attachments from unknown sources. If in doubt, report any suspicious activity to your IT department or security team promptly.
In a world where digital threats loom large, vigilance is key to safeguarding oneself and one’s assets from malicious actors. Stay alert, stay safe.