鱼叉式网络钓鱼和捕鲸是攻击者用来窃取您的机密信息的不同类型的电子邮件网络钓鱼攻击。此机密信息可能包括登录凭据、信用卡和借记卡详细信息以及其他敏感数据。
鱼叉式网络钓鱼:
它是针对特定个人或组织的网络钓鱼类型。在这次攻击中,攻击者诱骗受害者点击安装恶意代码的恶意链接,从而让攻击者从目标系统或网络中检索所有敏感信息。
捕鲸:
捕鲸也是一种网络钓鱼攻击。在这次攻击中,CEO、COO、CTO 等组织的高层人员都是目标。攻击者发送看似合法但包含恶意链接的电子邮件或短信。
鱼叉式网络钓鱼和捕鲸的区别:
| S.NO | Spear Phishing | Whaling |
|---|---|---|
| 1. | Targets specific group of people or organization | Targets only high level directives of an organization |
| 2. | Main focus is to steal corporate banking information | Main focus is to steal admin credentials or trade secrets |
| 3. | Email or message is designed for group of people | Email or message is for specific person |
| 4. | Targets low profile individual | Targets high profile individual |
| 5. | To prevent this attack educate people about such attacks | Check the URL before actually clicking it |