What is phishing, spear phishing, and whaling?
D2 ยท Threats ยท CompTIA Security+ SY0-701All three are social engineering attacks delivered via email, but differ in targeting:
๐ฃ Phishing โ Mass email scam sent to thousands, generic lures (e.g., "Your account is suspended").
๐ฏ Spear phishing โ Targeted at a specific person or organization using personalized details.
๐ณ Whaling โ Spear phishing aimed at executives (CEO, CFO) โ high-value targets.
๐ Vishing โ Voice phishing (phone calls).
๐ฑ Smishing โ SMS phishing (text messages).
๐ฃ Phishing โ Mass email scam sent to thousands, generic lures (e.g., "Your account is suspended").
๐ฏ Spear phishing โ Targeted at a specific person or organization using personalized details.
๐ณ Whaling โ Spear phishing aimed at executives (CEO, CFO) โ high-value targets.
๐ Vishing โ Voice phishing (phone calls).
๐ฑ Smishing โ SMS phishing (text messages).
The more targeted the attack, the harder it is to detect. Whaling emails often impersonate legal firms or regulators. Business Email Compromise (BEC) is a form of whaling.