Jericho Security | Glossary

Jericho's Cybersecurity Glossary | Whaling

Written by Jericho Security Team | September 28, 2024

Definition:

Whaling is a specific type of phishing attack that targets high-profile individuals within an organization, such as executives or key decision-makers, using personalized and often sophisticated methods.

Use Cases:

  • Used by attackers to trick executives into transferring funds or divulging sensitive company information.
  • Employed in attacks that aim to gain access to high-value corporate accounts or systems.

Related Terms:

Questions and Answers:

  • How is whaling different from regular phishing?
    Whaling is highly targeted, focusing on key individuals within an organization, while regular phishing is more generic and sent to a broad audience.

  • What are the consequences of a successful whaling attack?
    Consequences can include financial losses, unauthorized access to critical systems, and the exposure of sensitive corporate data.

  • How can organizations protect against whaling attacks?
    Organizations can protect against whaling by training executives on the risks, implementing strict security protocols, and using multi-factor authentication.