What type of target does whaling primarily focus on?

Whaling is a type of phishing attack that specifically targets high-profile individuals within an organization, such as upper management or executives. The reason this tactic is effective is that these individuals often have access to sensitive information and critical business resources. Attackers exploit their positions and authority, crafting highly personalized and convincing messages that appear to come from trustworthy sources or legitimate communications. The intention is to deceive these high-ranking targets into divulging confidential information or initiating unauthorized transactions. This approach capitalizes on the perceived trustworthiness and authority of executive roles, making them prime targets for cybercriminals.

The other groups listed, like individual consumers, non-profit organizations, and small business owners, typically relate to broader phishing campaigns or scams that do not focus on the high-stakes interactions characteristic of whaling attacks. Thus, while all these groups can be affected by various types of cyber threats, whaling's focus on upper management distinctly sets it apart.