Difference between Spear Phishing and Whaling
Spear Phishing
Spear Phishing is a type of email phishing attack where a personalized email is sent to a specific person or to the organization. The user is tricked to click on a malicious link which seems to be legitimate. When the user clicks on the link, and puts his/her details then attacker steals that sensitive information like login credentials, credit, and debit card details or any other sensitive information.
Whaling
Whaling is again a type of email phishing attack where top officials like CEO, COO, CTO, etc. are targeted. The attacker sends a mail with a malicious link that looks to come from an authentic source.
The following are some of the important differences between Spear Phishing and Whaling.
| Sr. No. | Key | Spear Phishing | Whaling |
|---|
| 1 | Targets | Spear Phishing targets a specific group of people. | Whaling targets top officials of an organization. |
| 2 | Focus | Spear phishing focuses on stealing login credentials/ sensitive information. | Whaling focuses on fetching trade secrets which can affect a company's performance. |
| 3 | Designing | Spear Phishing emails are prepared for a group of people. | Whaling emails are highly customized for specific persons. |
| 4 | Target | Spear Phishing targets low profile individuals. | Whaling targets high profile individuals. |
| 5 | Prevention | To prevent spear phishing, we should educate people about such an attack | To prevent whaling attack, education, awareness helps and each URL should be checked before opening. |
Published on 16-Apr-2020 06:04:03
Data Structure
Networking
RDBMS
Operating System
Java
iOS
HTML
CSS
Android
Python
C Programming
C++
C#
MongoDB
MySQL
Javascript
PHP