spearphishing

Spearphishing is a targeted form of phishing in which an attacker researches a specific person or organization and crafts messages designed to appear legitimate in order to induce the victim to reveal confidential information, provide credentials, or perform an action such as transferring funds. Unlike broad phishing campaigns, spearphishing relies on personalization and context.

The attacker may collect information about the target from social media, company websites, or compromised accounts. Messages often impersonate trusted roles such as an IT administrator, manager, supplier, or human resources representative. Email is the most common channel, but spearphishing can also occur via instant messaging, text, or social media.

Techniques include spoofed or compromised sender addresses, lookalike domains (typosquatted or homoglyph variants of a trusted domain), and pretexts that reference internal processes, recent events, or pending tasks. The objective is to bypass suspicion and prompt the target to enter credentials, authorize a payment, or open a malware-laden link or attachment.

Impacts can include credential compromise, account takeover, financial loss, data exfiltration, malware installation, and further social engineering launched from the compromised account. High-value targets such as executives or finance teams are common. Even well-trained users may be fooled if the message closely mirrors legitimate communications.

Defenses emphasize layered controls: user awareness training tailored to spearphishing, technical controls such as email authentication with SPF, DKIM, and DMARC, advanced threat protection, and strong authentication such as MFA (preferably phishing-resistant methods, since one-time codes can be relayed by a proxying phishing page). SPF, DKIM, and DMARC only prevent forgery of domains the organization itself publishes records for; they do nothing against a lookalike domain the attacker registers and authenticates correctly. Organizations should implement least privilege, monitor for anomalous logins, verify payment and credential-reset requests via an independent channel (for example, a call to a number already on file rather than one given in the message), and have incident response plans.
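As an added example, not part of the original entry, the following Python script applies several of the checks above to a single constructed message: it reads the receiving mail server's Authentication-Results header, flags a lookalike sender domain by homoglyph folding and edit distance, flags a Reply-To that points somewhere other than the From domain, and separately checks whether a published DMARC record is actually enforcing. The sample email, the domains example-corp.com and examp1e-corp.com, the TRUSTED_DOMAINS set, the homoglyph table, and the two-edit threshold are all hypothetical choices made for this example.

```python
"""Triage of a constructed spearphishing email: sender authentication verdicts,
lookalike-domain detection, Reply-To mismatch, and DMARC policy strength.
Added example: message, domains, and thresholds are hypothetical."""
import re
import unicodedata
from email import message_from_bytes
from email.utils import parseaddr

# Constructed sample. The attacker registered examp1e-corp.com (digit 1 for the
# letter l), so SPF and DKIM pass for *their* domain; our MX records a DMARC
# result of "none" because the lookalike domain publishes no policy.
SAMPLE_EMAIL = b"""\
Authentication-Results: mx.example-corp.com; spf=pass smtp.mailfrom=examp1e-corp.com; dkim=pass header.d=examp1e-corp.com; dmarc=none header.from=examp1e-corp.com
From: "Dana Reyes (CFO)" <dana.reyes@examp1e-corp.com>
Reply-To: dana.reyes.cfo@mail-secure-login.net
To: ap-team@example-corp.com
Subject: Urgent: vendor payment before close of quarter

Please process the attached invoice today; reply here rather than calling.
"""

TRUSTED_DOMAINS = {"example-corp.com"}  # hypothetical: the domains we own
# Digits and symbols commonly substituted for letters in lookalike domains.
HOMOGLYPHS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "7": "t", "@": "a", "$": "s"})


def normalize_domain(domain: str) -> str:
    """Fold Unicode confusables (NFKC) and ASCII homoglyphs so examp1e == example."""
    return unicodedata.normalize("NFKC", domain.strip().lower()).translate(HOMOGLYPHS)


def levenshtein(a: str, b: str) -> int:
    """Edit distance, used to catch typosquats such as exampel-corp.com."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify_domain(domain: str) -> str:
    """'trusted', 'lookalike' or 'external'. A lookalike is not ours but folds to
    one of our domains or sits within two edits of it."""
    domain = domain.lower()
    if domain in TRUSTED_DOMAINS:
        return "trusted"
    norm = normalize_domain(domain)
    for trusted in TRUSTED_DOMAINS:
        target = normalize_domain(trusted)
        if norm == target or levenshtein(norm, target) <= 2:
            return "lookalike"
    return "external"


def auth_results(header: str) -> dict:
    """Extract spf/dkim/dmarc verdicts from our MX's Authentication-Results header."""
    return {k.lower(): v.lower() for k, v in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", header, re.I)}


def triage(raw: bytes) -> list:
    """Return human-readable findings for one message; an empty list means nothing flagged."""
    msg = message_from_bytes(raw)
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    reply_domain = parseaddr(msg.get("Reply-To", ""))[1].rpartition("@")[2].lower()
    auth = auth_results(msg.get("Authentication-Results", ""))
    verdict = classify_domain(from_domain)
    findings = []
    if verdict == "lookalike":
        findings.append(f"lookalike sender domain {from_domain!r} resembles a trusted domain")
    if reply_domain and reply_domain != from_domain:
        findings.append(f"Reply-To domain {reply_domain!r} differs from From domain {from_domain!r}")
    if auth.get("dmarc") != "pass":
        findings.append(f"DMARC result is {auth.get('dmarc', 'missing')!r}, not 'pass'")
    if verdict != "trusted" and auth.get("spf") == "pass" and auth.get("dkim") == "pass":
        findings.append("SPF/DKIM pass only shows the mail came from the sender's own domain, not ours")
    return findings


# Defensive side: the DMARC record we publish tells receivers what to do with mail
# that fails alignment for *our* domain. p=none only reports; it blocks nothing.
WEAK_DMARC = "v=DMARC1; p=none; rua=mailto:dmarc@example-corp.com"
ENFORCING_DMARC = "v=DMARC1; p=reject; sp=reject; adkim=s; aspf=s; rua=mailto:dmarc@example-corp.com"


def dmarc_is_enforcing(record: str) -> bool:
    """True when the policy actually quarantines or rejects unaligned mail."""
    tags = dict(part.strip().split("=", 1) for part in record.split(";") if "=" in part)
    return tags.get("v") == "DMARC1" and tags.get("p") in {"quarantine", "reject"}


if __name__ == "__main__":
    for finding in triage(SAMPLE_EMAIL):
        print("-", finding)
    print("weak record enforcing:", dmarc_is_enforcing(WEAK_DMARC))
    print("hardened record enforcing:", dmarc_is_enforcing(ENFORCING_DMARC))
```

The point the sample is built around: every authentication check passes for examp1e-corp.com because the attacker owns it, so SPF and DKIM results are only meaningful once the domain itself has been judged. The lookalike and Reply-To checks carry the detection here, and the DMARC record check shows the difference between a domain that merely monitors (p=none) and one that actually tells receivers to reject spoofed mail for the organization's own domain.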