Definition:
Whaling is a specific type of phishing attack that targets high-profile individuals within an organization, such as executives or key decision-makers, using personalized and often sophisticated methods.
Use Cases:
- Used by attackers to trick executives into transferring funds or divulging sensitive company information.
- Employed in attacks that aim to gain access to high-value corporate accounts or systems.
Related Terms:
Questions and Answers:
- How is whaling different from regular phishing?
Whaling is highly targeted, focusing on key individuals within an organization, while regular phishing is more generic and sent to a broad audience.
- What are the consequences of a successful whaling attack?
Consequences can include financial losses, unauthorized access to critical systems, and the exposure of sensitive corporate data.
- How can organizations protect against whaling attacks?
Organizations can protect against whaling by training executives on the risks, implementing strict security protocols, and using multi-factor authentication.