Skip to content

New Blog post - Why go phishing when you can go “whaling”?

Posted by Geraldine Hunt on Wed, Aug 3rd, 2011

One of the great things about  technology is the way we get to invent fun, new terminology.


A relatively new term in use in the area of phishing is that of ‘whaling’. Use of the term ‘whaling’ within the phishing arena is fairly new and  my guess is it derives from the world of gambling where a high stake gambler is often referred to as a ‘big fish’….they don’t get much bigger than a whale and to carry on the gambling parallel for whalers (of the phishing variety)  the stakes are also high with the phishing attack  targeting high-level executives within companies, significant and specific targets.


A whaling attack is extremely focussed, the phisher  focuses on exclusive group of senior personnel within an company and tries to steal their identities, log in details – normally via malware that provides back-door functionality and key logging.

It’s clear that phishing attacks of the tadpole or whaling variety remain a clear and present threat to businesses. There is no evidence to suggest that network security measures like anti-spam protection are discouraging the number of phishing attacks and it’s equally clear that the arrival of social networking in the workplace has presented phishers with a bigger pond to phish in.

A recent SpamTitan survey shows that opinion is divided over whether business network security measures have caused phishing attacks to migrate from email to social networking sites like Twitter or Facebook

  • 37 %  saying it is a growing phenomenon

  • 31 % disagree that this is the cause

Instead they regard the move to on-line phishing as a natural response the growth in the user communities of the main social networking sites. Clear policies along with improvements in user education and awareness are really the best way to beat phishing in all its forms.

See how some SpamTitan customers have protected their companies from email phishing attacks

Related Articles

Never Miss a Blog Post

Sign-up for email updates...

Get Your 14 Day Free Trial

Talk to Our Email and DNS Security Team

Call us on US +1 813 304 2544

Contact Us