What is Whaling, the E-mail Scam Targeting Big Fish?

by Clara Rosales
Sep 21, 2022

PHOTO BY Cakeshop by Sonja Facebook page

Scammers are getting smarter and attacking employees through highly personalized phishing attacks called whaling. Your personal phone and e-mails may be protected as of late, but it pays to check your work accounts too.

Unlike other phishing scams that target a large number of people at once through relatively smaller transactions, whaling scams have a specific target with the goal of stealing big money or data.

The scam gets its name from whales, or the authority it targets, along with the end goal of a high-value attack. Some also refer to it as CEO Fraud.

MORE ON SCAMS: GUIDE: Email and SMS Scams You Need to Know to Protect Your Money

Scammers steal the identity of a senior executive or high-level employee to gain access to systems or send instructions to proceed with fraudulent transactions.

Those engaging in whaling scams may also target employees in high positions with believable e-mails or messages to get them to authorize transactions or commands that would result in the theft of information or large sums of money.

ADVERTISEMENT - CONTINUE READING BELOW

The scam e-mail usually contains highly personalized information on the target organization or individual and asks the recipient to do something, like to click a link, transfer funds, or release confidential data on the company or organization.

Well-made whaling scams will often be hard to detect, as all information on the target such as their job level, position, description, and official work correspondence may be referenced or involved. Attacks may also come from an e-mail or message that appears to be a trusted source.

ALSO READ: How to Protect Your Data From Scammers, Spammers

Regardless of your position, it’s best to safeguard even your company e-mail and phone to avoid falling victim to whaling scams. Here are some tips to prevent getting scammed: