You Know About Phishing, But What Is Whaling And Why Do You Need To Know About It?

November 18, 2020

You Know About Phishing, But What Is Whaling And Why Do You Need To Know About It?

What Is A Whaling Attack?

Most of us know what phishing is, but are you familiar with the terms “spear-phishing” and “whaling”?

Phishing attacks target a broad spectrum of individuals, spear-phishing attacks target any particular individual, and whaling attacks focus on high-level positions in an organization.

The whaling target in an organization is usually the CEO, CFO, or other high-level executives usually in the HR or accounting divisions. The cybercriminal impersonates the senior management in order to leverage their authority and gain sensitive information or money.

Where We Come In

We have foiled these attacks before that would have cost our clients 6 or 7 figures. The biggest mistake we see companies do that leads to a whaling attack is the oversharing of information online.

Many company websites will have an "About Us" section showcasing the employees, their positions in the company, and some potentially important information about them. If a cybercriminal is able to make a false front appearing as one of the employees or even the main director, this could be a way to gain access and information from other employees.


Our team at Cyber Unit can train your employees to properly detect a phishing, spear-phishing or whaling scam so you can hopefully avoid a future attack. Get in touch to find out how we can help defend you from cyber attacks, so you can have peace of mind.

Click here to contact us!