Unlike mass emails sent in Phishing scams, Whaling involves targeted emails to specific people and roles within companies or organizations. They are not mass sent like Phishing emails and require vigilance and education by everyone who is part of a business in some capacity.
Steve and Justin explain in more detail “What is Whaling”, who they target, and how you can avoid falling for the fake emails.
We encourage you to continue learning about Whaling so that you can identify these attacks and help keep your business safe. Continue asking questions and know that it’s ok to be skeptical of emails requesting action from you. Share this information with everyone at your business.
The Risk Institute at Ohio State University published this article on “Cyber Security: About Whale Phishing, the Deep Web and the Dark Net”
This is a story of how it happened to a couple of companies, “Man charged with $100m ‘whaling’ attack on two US tech giants.”