A whaling attack, also known as Business Compromise Email (BEC) attack, is a type of phishing cyberattack targeted to high-ranking executive of a company, often with the intent of tricking their employees into wiring them money or revealing sensitive information.
RMail Safe Sender - Anti-Whaling feature protects Microsoft Outlook users against whaling attacks. The patent pending RMail Anti-Whaling security feature uses proprietary algorithms to analyze email message characteristics, flagging a message when it appears to be an “impostor email.” The new feature is available now in the newest release of RMail’s add-in for Microsoft Outlook, which RMail customers can obtain by request.
- In a whaling attack, there is often no telltale link to a fraudulent website.
- The fraudulent email contains information specific to a transaction the victim is aware of and appears to be sent by a trusted individual.
- Anti-Whaling security protects RMail users from impostor emails by analyzing message structure and issues a warning when the user is about to reply to a suspected impostor email. This analysis is conducted when for all REPLY, REPLY ALL or FORWARDED emails (not just messages sent with the RMail Send Registered service button).
Example whaling message and workflow
There are two anti-whaling alert levels, Caution and Warning which appear depending on the matching whaling criteria and level of severity detected with the RMail proprietary algorithms.
Anti-Whaling Warning Example:
1. An email arrives in the inbox with one email address in the From field:
- Name: Jim Davis (known sender)
- Email Address: jimdavis@company.com (known sender address)
2. The Reply, Reply All or Forward button is pressed and the RMail App for Outlook detects a cyber threat:
- Name: Jim Davis (known sender)
- Email Address: jimdavis@cybercriminal.com (unknown reply address)
In this example, the user will see a warning pop-up to stop them from unsuspectingly sending information to a cybercriminal.
The anti-whaling feature works for RMail users with the latest RMail App for Outlook desktop and can be visibly seen as enabled with the green anti-whaling icon on the bottom of the feature dialog.
The settings for Anti-Whaling can be found in the Safe Sender section of the Settings menu in the RMail Feature Dialog box or by clicking the File menu from your Inbox in Outlook Desktop and then selecting RMail Settings.
If you have contacts that use more than one email address for work, or multiple similar looking addresses, you will likely get a WARNING pop up, only click on the Safe Sender button to add these contacts to the Safe Sender list if you are 100% sure that their address is verified and genuine.
For a complete review of the RMail Safe Sender - Anti-Whaling settings please refer to the following support video RMail Safe Sender – Anti-Whaling Settings
Note: IT staff can prevent users from disabling this feature, or disable the ability just for selected users, with a custom installation configuration, through our Professional Services team. Please contact your RPost account manager for more details.