Ethical Hacking Essentials Practice Test

Which type of attack targets high-profile individuals with access to confidential information?

• A. Spear Phishing
• B. Whaling
• C. Social Engineering
• D. Vishing

The correct answer is: Whaling

The chosen answer focuses on an attack method known as whaling, which is specifically designed to target high-profile individuals, often referred to as "whales." These individuals typically hold key positions within an organization, such as executives or senior management, and have access to sensitive or confidential information. Whaling attacks are a subtype of phishing attacks and are characterized by their tailored and sophisticated nature. In whaling attacks, cybercriminals craft highly personalized and convincing messages that can resemble legitimate communication, often impersonating a trusted source, such as a colleague or a partner in business. The goal is to manipulate the target into revealing sensitive data, transferring funds, or granting unauthorized access to systems. Understanding the significance of whaling is crucial, as these attacks pose a significant risk to organizations. A successful whaling attack can lead to severe repercussions, including financial losses, theft of intellectual property, or damage to an organization’s reputation. Other types of attacks mentioned, such as spear phishing, focus on targeted attacks but may not specifically target high-profile individuals or may apply to broader groups. Social engineering refers to manipulating people into divulging confidential information but encompasses a wider range of techniques than just those aimed at high-profile targets. Vishing, or voice phishing, involves phone calls rather