What is the specific type of phishing aimed at high-level individuals within an organization?

Whaling is a specific type of phishing attack that targets high-level individuals within an organization, such as executives or senior management. The term "whaling" is derived from the idea of hunting larger fish, or in this case, high-value targets, as opposed to standard phishing, which typically aims at a broader audience.

The primary goal of whaling is to deceive these individuals into providing sensitive information, such as login credentials or financial data, by disguising the attack as a legitimate request or communication. The tactics used in whaling attacks often include highly personalized messages that leverage the target's position and responsibilities to create trust and urgency.

The effectiveness of whaling lies in the attackers' ability to research their targets and craft messages that appear credible, increasing the likelihood that the victim will fall for the scheme. Understanding this concept is vital for organizations, as high-level executives typically have access to sensitive company information, making them prime targets for attackers.