Learn about whaling attacks.
- [Instructor] Now let's get started…exploring the attack vector known as whaling.…So, what is whaling?…Whaling is the targeting of senior executives…with emails impersonating fellow executives, employees,…or entities, in an attempt to get them…to give up confidential company information.…Whaling is just one type of advanced phishing.…Phishing is the attempt by attackers…to acquire sensitive information from people…and use it for malicious reasons.…Phishing attacks are usually very simple…and require less effort by attackers than a whaling attack.…
High value individuals who are seen as the big fish…are singled out in whaling attacks,…because these people are seen…as having access to more sensitive information…or access to the finances of a company.…Additionally, employees who have access…to sensitive information, like the human resources staff,…or those that conduct business purchases,…are common targets.…Social media sites, such as Facebook and LinkedIn…are helpful resources when attackers look…for people and companies to attack.…
Phishing is successful when an email message persuades a person to take an action or reveal information which should not be disclosed. Whaling focuses on high-profile targets such as executives, politicians, and celebrities. Learn about the tactics used in phishing and whaling, and view some examples so that you can identify suspicious emails and network intrusions. Then learn how to reduce your risk and put protections in place to help mitigate these threats.
This course was created and produced by Mentor Source, Inc. We are honored to host this training in our library.
- What is phishing?
- Types of phishing, including cat phishing, spear phishing, and vishing
- Phishing examples
- What is whaling?
- How to reduce phishing and whaling with technology and procedures