₹70 Lakh Lost in Cyber Heist: High-Tech Whale Phishing Attack Targets Pune Company
Pune-based Poultry Company Loses ₹70 Lakh Due to Sophisticated Whale Phishing Attack
A recent incident has highlighted the escalating threat of corporate-targeted cybercrime, with a prominent poultry firm in Pune falling victim to a sophisticated whale phishing scam.
- The attackers compromised the company’s accountant’s phone, allowing them to manipulate internal communication channels and impersonate the chief executive officer (CEO).
- The attackers sent a seemingly legitimate message to the accountant on April 15, instructing him to transfer ₹70 lakh to a specified bank account.
- The accountant, trusting the authenticity of the message, proceeded to transfer the funds, but suspicions arose when the attacker requested an additional ₹30 lakh transfer to a separate account.
- The investigation revealed that the initial ₹70 lakh had indeed been transferred to accounts controlled by the cybercriminals.
“This type of attack is a classic example of whale phishing, where senior executives or key decision-makers are impersonated to trick employees into authorizing large financial transactions,” according to experts.
The attackers had gained unauthorized access to the accountant’s phone, allowing them to monitor communications, alter contact details, and seamlessly insert themselves into ongoing conversations.
Following the incident, the company has filed a complaint with the relevant authorities, and an investigation is currently underway. The authorities are analyzing call records, digital footprints, and banking transactions to identify the perpetrators.
“The case serves as a stark reminder of the evolving nature of cybercrime, where attackers are increasingly targeting corporate entities and exploiting internal communication systems,” said a spokesperson.
Organizations are advised to adopt robust security measures, including multi-level authentication systems, verbal confirmation, and internal approval hierarchies, to prevent similar incidents from occurring in the future.
Enabling two-factor authentication (2FA) and providing regular cybersecurity training for employees can significantly reduce the risk of successful whale phishing attacks.
Organizations must remain vigilant and proactive in their approach to cybersecurity, staying ahead of the evolving threats and protecting themselves against sophisticated attacks like the one experienced by the Pune-based poultry company.
About Author
English