Skip to main content

Even Large Company Employees Get Hit By Phishing/Whaling Scams

By April 22, 2016March 2nd, 2023Blog, Cybersecurity

even_large_company_employees_get_hit_by_phishingToy manufacturing giant Mattel was recently the target of a whaling scam that could have been both highly embarrassing and extremely costly, if not for a single stroke of luck.

If you’ve not heard the term, “whaling” is a subset of the phishing scams that hackers commonly run, with the key distinction being that whaling scams tend to target high level executives of a given company on the thinking that a bigger target tends to yield a bigger prize.

In this case, the hackers took advantage of a period of relative chaos inside Mattel, owing to the transition of newly installed CEO, Christopher Sinclair. The attack took the form of targeting a high ranking executive within the company with an email that seemed to come from Sinclair himself. The email requested funds in the sum of $3 million USD to be wired to the Bank of Wenzhou for a vendor.

Everything appeared to be in order, so the executive complied with the request, only to discover several hours later that something was amiss. Unfortunately, since the transfer was already underway, it appeared that nothing could be done to reverse it.

This, however, is where fortune smiled. The next day was Good Friday, which is a bank holiday. The extra day allowed company officials to work with the Chinese government in order to see the transfer cancelled before the hackers could actually collect the money.

It was a lucky break for Mattel that could have ended very differently, and it underscores the fact that social engineering tricks can often undo even the best security protocols a company might have in place.

Too often, company executives forget that much of what they do is in the public eye, and that hackers are no doubt watching and aware. Especially during times of transition, it is all too easy for a seemingly innocuous email that appears to be from one of the key principles in a company could lead to a tragic, and extremely costly mistake.

Jason Manteiga

Jason J. Manteiga, Vice President of Olmec Systems, has been part of the company for over the past 20 years. He believes that having a great work environment and supportive team, is the ultimate key to success. Since being in the IT realm for over 25 years, Jason, along with Olmec Systems, has been on the Inc. 5000 “List of America’s Fastest Growing Private Companies” and Channel Futures MSP 501 “Top Managed Service Providers in North America,” along with other awards and nominations. Jason earned his Bachelor Degree in Information Systems from the New Jersey Institute of Technology. He also holds certifications in Microsoft MCSE, VMWare VCP, and Cisco CCNA. In his spare time, Jason is a contributor for The Center for Social & Legal Research (Privacy Exchange) and a member of the Morris County Chamber of Commerce. His hobbies include cycling and kayaking. He currently lives in New Jersey with his wife, two daughters and son.