“Whaling” is another evolution of phishing attacks that uses sophisticated social engineering techniques to steal confidential information, personal data, access credentials to restricted services/resources, and specifically information with relevant value from an economic and commercial perspective.

What distinguishes whaling from phishing and spear phishing is the choice of targets: relevant executives of private business and government agencies. The word whaling indicates that the target is a big fish to capture.

Whaling adopts the same methods of spear phishing attacks, but the scam email is designed to masquerade as a critical business email sent from a legitimate authority, typically from relevant executives of important organizations. Typically, the content of the message sent is designed for upper management and reports some kind of fake company-wide concern or high confidential information.

It is important that employees of all levels within your organization are aware of this type of attack and what they can do to defend against it. Yes Tech is here to guide you and your employees through our extensive, up-to-date cybersecurity awareness training and simulated phishing campaigns. Call us at (504) 372-1372 to schedule an appointment to discuss your needs.


Leave a Reply

Your email address will not be published. Required fields are marked *