Pune Police Issue Advisory After Suspect Whale Phishing Scams
The Pune City Cyber Police have issued a strong advisory to private companies after a spate of whale phishing attacks, which have resulted in two major losses: Rs 40 lakh and Rs 1.9 crore. The critical message is clear: act fast, or risk losing a significant amount of money. In one of the cases, a company reported the scam within four hours, allowing the police to freeze and recover the entire amount. However, in the other instance, the firm took over two days to report the crime, leaving the cyber criminals with a substantial portion of the loot.
Whale phishing, also known as CEO fraud, is a type of social engineering scam that targets high-ranking officials, often posing as CEOs or Commanding Officers. The scammers use publicly available information to contact the target, exploiting the hierarchical structure of a company. They might claim to be in a meeting and ask for urgent action, such as making large transactions. The Deputy Commissioner of Police, Vivek Masal, warned that the scammers are cleverly exploiting this anxiety, using display pictures of CEOs on messaging platforms to create pressure.
The advisory issued by the cyber police emphasizes the importance of basic cybersecurity hygiene. It recommends educating employees, especially those in key positions, to recognize signs of phishing, including emails and messages from suspicious numbers or addresses. They should also verify requests through alternative channels and use multi-factor authentication methods. Moreover, companies should regularly review their internal cyber protocols and establish a response team to quickly mitigate the damage in case of a breach.
The advisory specifically highlights the need for employees to be aware of the signs of whale phishing and man-in-the-middle attacks. It stresses the importance of verifying payment requests through alternate channels, such as direct phone calls or internal messaging platforms. The police also urge companies to report any incidents immediately, as the longer it takes to act, the more likely it is that the stolen funds will be channeled to secondary mule accounts or converted to difficult-to-trace cryptocurrencies.
Pune and Pimpri Chinchwad police have registered around 15 cases of whale phishing since 2022, with notable cases including the loss of Rs 1 crore by a global vaccine major, Rs 4 crores by a real estate company, and Rs 1.9 crore by a consultancy firm. The latest case involves a business analytics firm that lost Rs 2.34 crore to cyber criminals posing as the company’s Canada-based CEO.
By taking immediate action and being aware of these scams, companies can protect themselves against these sophisticated attacks. As the Pune City Cyber Police warn, "cyber criminals are using phone messenger for CEO scams, and they might shift to another tactic in the future. They are primarily targeting vulnerabilities, and that’s why security protocols should be reviewed on a regular basis."
Original Source: https://indianexpress.com/article/cities/pune/training-cyber-hygiene-quick-complaint-pune-polices-advisory-whale-phishing-attacks-9906006/
Category : Cities,Pune
Tags:
Publish Date: 2025-03-25 23:00:00
