What Is Whaling? The Phishing Attacks Explained | #phishing | #scams


Whaling — in the context of online scams, not the horrendous practice that was outlawed in the U.S. in the ’70s — is much like phishing in that it involves tricking a target with a fraudulent message of some kind. Also, like phishing, this correspondence typically involves attempting to convince a target to share personal information, reveal company information that could be used for more attacks in the future, or even directly transfer money. The primary difference, and the reason it’s called “whaling” to begin with, is who the scam targets.

Unlike phishing, which (for lack of a better term) usually involves proverbially casting a wide net by sending mass messages out to a large number of people in the hopes that one or two may respond, whaling is much more precise and is most often aimed at senior executives, CEOs, and other high-ranking positions in businesses and corporations (per Malwarebytes).

Because these attacks are much more focused, they can also be more difficult to catch in time. Attackers may send an official-looking email that appears to be from a trusted source at first glance, but they may also attempt to follow up on the fake email over the phone and then continue to pretend that they’re working for that trusted source. Attackers sometimes even take to social media in an attempt to deceive their selected victim.



Original Source link

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

Leave a Reply

Your email address will not be published.

+ fifty three = sixty