cybersecurity Glossary

What is Spear phishing?

Spear phishing is a social engineering attack that evolves the phishing technique. In this case, the criminals don’t target an indeterminate audience, but the attack is personalized to a specific potential victim. 

A personalized email is used to overcome the victim’s mistrust and get them to download a malware-infected document or click on a malicious link. 

In the design and implementation of spear phishing attacks, preparing the attack and collecting prior information play a fundamental role. 

This technique is useful for those seeking access to data or documents available to very few people.