Tel: 03333 200 222
Email: [email protected]

What is Whaling in cyber security?

2 minute read
A whaling attack is one of the types of phishing attacks directed at high-level executives where attackers act as legitimate, trustworthy, reputable and persuade a victim to share highly sensitive information with a fraudulent account.
By, Jack Wong

Whaling in cyber security is one of the types of phishing attacks directed at high-level executives where attackers act as legitimate, trustworthy, and reputable and persuade a victim to share highly sensitive information with a fraudulent account.

How does Whaling in cyber security work?

The difference between phishing and whaling is that whaling attacks must be tailored to their particular targets. Therefore, high-level managers and executives are the main targets of these attacks. More often, the role of these individuals within an organisation has the power or ability to access credentials which is the incentive for hackers. Hackers often send an email that looks and feels like a legitimate email from a trusted source.

The primary purpose of a whaling attack for attackers is typically to steal money, data or access to the network. In a whaling attack, hackers may send an email that appears to be authentic and comes from a reliable source, typically a contact within the business or with a partner or a vendor.

A whaling email includes sufficient personal information from online research to persuade the victims that it is authentic. Whaling attacks may also require users to click on a link that takes them to a fraudulent website that looks just like the official one. Then victims may be encouraged to share their sensitive data like payroll information, tax returns or bank account numbers. Also, they may be asked to authorise a wire transfer to a bank account that turns out to be fraudulent where their personal data can be collected.

How to recognise a Whaling attack? 

A whaling attack is more difficult to recognise than a standard phishing attack, as attackers usually spend more time making email communications and websites look legitimate.

Whaling attacks in cyber security examples include:

  • An email address from the sender that does not exactly match the domain of the organisation. For example, attackers frequently replace an “m” in a domain name with an “r” and an “n” or “rn” to trick the recipient.
  • An urgent request to share sensitive information
  • An urgent request to transfer the money to another account.
  • A threat of adverse consequences

Measures against Whaling attacks:

  • Flagging Emails: Flagging emails, especially from external sources, can help to highlight these attacks and make them easier to detect.
  • Install antivirus software and antimalware: Whaling attacks are generally designed to install malware on a high-level management staff’s computer. Ensuring that antivirus and antimalware protection are installed and kept up-to-date is the key way to against whaling.
  • Email Security Solutions: Installing updated email security solutions can detect warning signs of a whaling attack and block suspicious emails from reaching the target inbox.

Swiftcomm, as a professional IT support provider, has developed an email security solution that detects whaling and other phishing techniques and provides strong protection against various email-based attacks.

More from Swiftcomm

Efficient and Affordable Fixed Cost IT Support in Peterborough: Your Solution for Seamless Tech Management
In today's fast-paced business world, technology plays a pivotal role in the success of organisations, regardless of their size. As companies increasingly rely on technology to streamline business operations, enhance customer experiences, and gain a competitive edge, reliable IT support has never been more critical. In this blog, we will explore the world of fixed cost IT support in Peterborough—a solution that offers efficiency and affordability for support specialists while ensuring seamless tech management for businesses.
Full Article
Addressing Diverse Industry Challenges: IT Support for SME London
The thriving business landscape of London comprises a diverse array of small and medium-sized enterprises (SMEs) spanning various industries, each with its own unique IT needs and challenges. From finance and healthcare to creative agencies and manufacturing businesses, the technology requirements can significantly differ. This is where IT support providers play a crucial role, offering tailored solutions to address the diverse industry challenges faced by SMEs in London. When it comes to IT support for SME London, these providers offer customized solutions that can help businesses thrive in this dynamic environment.
Full Article
Trusted by 100s of businesses already
Uniquely tailored approach
Outstanding customer service

Talk with us

We pride ourselves on being an honest trustworthy business communications provider
Call 03333 200 222 or if you would prefer us to call you.
Schedule a call
We love emails, to send us one use [email protected] or fill in our
Contact Form
Live Chat
Got a question? Our live chat is open and ready to assist
Chat Now
Contact a specialist