Skip to main content

What do Phishing, Spear Phishing and Whaling mean

Some pundits predict that threat actors will become more targeted with their approach to Phishing in 2019.

Attackers will break into a system and then stay hidden in order to extract as much information as possible about the users and their communications with others in order to create a carefully constructed campaign to beguile them, often for financial gain.

We have seen bogus emails pretending to be notification from Facebook – attempting take advantage of the trust between individuals in relationships in order to trick them to clicking on links that enable capture of personal information or credentials.

With this in mind, this week, Ray Welland explains what Phishing, Spear Phishing and Whaling are.

“Phishing is one of the oldest forms of malicious social engineering, but it remains one of the most effective because spammers do a good job at luring users to click on malicious links or open malware-laden attachments. It is used to gather personally identifiable information. Phishing emails appear to come from a trusted source, such as a friend or a well-known business.
Over time, phishing has evolved to include spear phishing – these are targeted attempts and highly personalized for a specific target such as a business or person. instead of taking a blanket approach.
Whaling is highly targeted phishing attacks masquerading as a legitimate email that are aimed at senior executives.”

If you would like to learn more about Phishing, Spear Phishing, and Whaling then please feel free to get in touch.

JUMPSEC’s Social Engineering Assessment is designed to  designed to deliver realistic and targeted attacks, performed in a safe way by our team of in house, expert, ethical hackers. It is followed up with comprehensive reports and assistance with training in order to drive awareness and education within your organisation to help reduce your risk of compromise.