Spear phishing is a social engineering attack that evolves the phishing technique. In this case, the criminals don’t target an indeterminate audience, but the attack is personalized to a specific potential victim.
A personalized email is used to overcome the victim’s mistrust and get them to download a malware-infected document or click on a malicious link.
In the design and implementation of spear phishing attacks, preparing the attack and collecting prior information play a fundamental role.
This technique is useful for those seeking access to data or documents available to very few people.