A highly targeted phishing attack aimed at senior executives, C-suite officers, or other high-value individuals within an organization, often involving impersonation of other executives or legal authorities.
A highly targeted phishing attack aimed at senior executives, C-suite officers, or other high-value individuals within an organization, often involving impersonation of other executives or legal authorities.
Think you've been targeted?
Paste the suspicious content here for an instant analysis.
No signup · 6 detection layers · Results in seconds · Cmd+Enter
Whaling attacks target the "big fish" — hence the name. These attacks focus on CEOs, CFOs, board members, and other senior leaders who have authority to approve large financial transactions or access the most sensitive organizational data.
Because executives often have less time for security training and are accustomed to urgent, high-stakes requests, they can be particularly vulnerable. The potential payoff for a successful whaling attack is enormous, making it worth the significant research investment.
A single successful whaling attack can result in losses of millions of dollars. The FBI estimates that business email compromise, which often involves whaling, has cost organizations over $50 billion globally.
In 2016, the CEO of an Austrian aerospace company was fired after a whaling attack tricked the finance department into wiring $47 million to attackers. The email appeared to come from the CEO himself, requesting an urgent transfer for a confidential acquisition.