FYI in "Types of attacks" the definition of Whaling is incorrect. Whaling is when high level employees are targeted by phishing, not when the email appears to come from them. This is confirmed by a question on the practice exam.
-
Incorrect info in Sec+ SY0-501 lecture
-
Robert you are absolutely correct, apparently my mouth and brain were not in sync with each other, I will post an errata as the term "whaling" does refer to a phishing scam in which "C-level" employees are targeted. In my usual explanation, I tell students think of it as "targeting the big fish" in the company as a way to remember the term vs. spear phishing which emails are received and appear to be from a trusted source. Whatever the reason may be, I definitely did not define that correctly. Thank you for pointing this out.
