CISSP Practice question #256

Using highly targeted emails to senior management an attacker has sent an email threatening with a lawsuit if attached documents are not filled out and returned by a certain date. What is this an example of?
A: Vishing.
B: Social engineering.
C: Whale phishing.

CBK 1: Security and Risk Management
Source: practice tests –


C: This is whale phishing, which is a social engineering attack. Whale Phishing (Whaling): Spear phishing targeted at senior leadership of an organization. This could be: “Your company is being sued if you don’t fill out the attached documents (With Trojan in them) and return them to us within 2 weeks”.

show less

IT & Cyber Security trainer
Sharing my knowledge, to help you reach your IT certification goals.
CISSP, C|EH, PMP, CCNP, CompTIA Security+, SCP, CCNA-Security, CCNA, et. Al.

You may also like

Leave a Reply