Unlike mass emails sent in Phishing scams, Whaling involves targeted emails to specific people and roles within companies or organizations. They are not mass sent like Phishing emails and require vigilance and education by everyone who is part of a business in some capacity.
Steve and Justin explain in more detail “What is Whaling”, who they target, and how you can avoid falling for the fake emails.
Whaling Explained
We encourage you to continue learning about Whaling so that you can identify these attacks and help keep your business safe. Continue asking questions and know that it’s ok to be skeptical of emails requesting action from you. Share this information with everyone at your business.
The Risk Institute at Ohio State University published this article on “Cyber Security: About Whale Phishing, the Deep Web and the Dark Net”
This is a story of how it happened to a couple of companies, “Man charged with $100m ‘whaling’ attack on two US tech giants.”
Social Media Posts that Mine for Your Information
Another security risk is answering any social media post or quiz that asks you to review what you commonly are asked as security questions and answers OR might use in your passwords. Be safe, keep your information as secure as possible, and avoid leaving your comment on any social media post that ask these questions.