Skip to content
Related Articles
Get the best out of our app
GeeksforGeeks App
Open App
geeksforgeeks
Browser
Continue

Related Articles

Difference between Spear Phishing and Whaling

Improve Article
Save Article
Like Article
author
aman neekhara
scholar
276 published articles
Improve Article
Save Article
Like Article

Spear Phishing and Whaling both are different type of Email phishing attacks that attackers use to steal your confidential information. This confidential information might include login credentials, credit & debit card details, and other sensitive data. 

Spear Phishing: This type of phishing targets a specific person or organization. In this attack, the attacker tricks the victim to click on malicious links which installs malicious code, which lets the attacker retrieve all the sensitive information from the target system or network. 

Whaling: Whaling is also a type of phishing attack. In this attack high level personnel of an organization such as CEO, COO, CTO are targeted. Attackers send emails or text messages that seem legitimate but contain malicious links. 

Difference between Spear Phishing and Whaling:

S. No.Spear PhishingWhaling
1.Targets specific group of people or organization.Targets only high level directives of an organization.
2.Main focus is to steal corporate banking information.Main focus is to steal admin credentials or trade secrets.
3.Email or message is designed for group of people.Email or message is for specific person.
4.Targets low profile individual.Targets high profile individual.
5.To prevent this attack educate people about such attacks.Check the URL before actually clicking it.
6.

Examples include 

  • Email appears to legitimate as it may contains recipients name, references of colleagues working in an organization, etc. to entice the victims to open an attachment and initiate the attack like in vendor related payments stating that it has failed due to several reasons like incomplete details or wrong details and you have to retry the payment process using the given link which is nasty one. 

Examples include 

  • Tax scams.  Like posing as business executives and requesting requisite tax filing forms or employee financial information for submitting false tax returns and claim refunds. 
  • The other one in a row is in the form of an email purporting to be from the CEO or director of the business instructing the accounting division to conduct wire transfers. It seems to be authentic but it originates from faked email addresses and incorporate in the appropriate names and details to look like legitimate.
My Personal Notes arrow_drop_up
Last Updated : 22 Jul, 2022
Like Article
Save Article
Similar Reads
1. Difference between Phishing and Spear Phishing
2. Spear-Phishing Attack
3. Difference between Spoofing and Phishing
4. Difference between Spam and Phishing Mail
5. Difference between Phishing and Pharming
6. Difference between Phishing and Vishing
7. Types of Phishing Attacks and How to Identify them
8. Vishing (Voice Phishing)
9. Phishing in Ethical Hacking
10. 10 Tips To Identify Phishing Emails
Previous
Delays in Computer Network
Next
Difference between Memory and Storage
Article Contributed By :
https://media.geeksforgeeks.org/auth/avatar.png
aman neekhara
aman neekhara
Vote for difficulty
Improved By :
Article Tags :
Practice Tags :
Report Issue
We use cookies to ensure you have the best browsing experience on our website. By using our site, you acknowledge that you have read and understood our Cookie Policy & Privacy Policy
Lightbox