A C-level executive has contacted the security team and asked if you can verify the authenticity of an email. The email appears to have come from a bank saying their password has been compromised. The executive states they don't use this bank. After some investigation you find this email went out to around fifty percent of internal email addresses. Which term correctly describes this attack scenario?
Correct Incorrect Unanswered Report Issue Answer Description
This scenario describes a phishing attack, but tries to trick you by mentioning a high level executive was targeted which would make it whaling. However because half the internal email addresses were also sent this email it is a more generic phishing attack. Whaling would apply only if high level executives were targeted, not a large chunk of the organization.
Wikipedia
Phishing is a form of social engineering and scam where attackers deceive people into revealing sensitive information or installing malware such as ransomware. Phishing attacks have become increasingly sophisticated and often transparently mirror the site being targeted, allowing the attacker to observe everything while the victim is navigating the site, and transverse any additional security boundaries with the victim. As of 2020, it is the most common type of cybercrime, with the FBI's Internet Crime Complaint Center reporting more incidents of phishing than any other type of computer crime.The term "phishing" was first recorded in 1995 in the cracking toolkit AOHell, but may have been used earlier in the hacker magazine 2600. It is a variation of fishing and refers to the use of lures to "fish" for sensitive information.Measures to prevent or reduce the impact of phishing attacks include legislation, user education, public awareness, and technical security measures. The importance of phishing awareness has increased in both personal and professional settings, with phishing attacks among businesses rising from 72% to 86% from 2017 to 2020.
Phishing - Wikipedia, the free encyclopedia Subscribe to avoid duplicate questions and track your progress over time