What is spear phishing?

Spear Phishing is a highly targeted attack that pretends to be an email or message from an important individual in an organization to another person within the same organization. Business email compromise (BEC) is a specific kind of spear phishing attempt that hopes to use the extra authenticity (by sending a the email from a specific individual like the CEO of a company) of the sender to trick people into providing information they shouldn’t.

Financial institutions are frequent targets for spear phishing since there is sensitive data like phone numbers and social security numbers that criminals can use for identity theft. It's important to review your spam filter for any suspicious emails.

Other types of Phishing Attacks

  • Vishing (voice phishing) is a phishing technique conducted by a phone call. Phishers will often dial a long list of phone numbers and play an automated recording when a victim answers.
  • Smishing (SMS phishing) is similar to email phishing, with the exception that this attack is done using text messages. The texts often come with a sense of urgency and try and phish the victim to provide private data like their bank account numbers before their account gets "shut down."

Return to Glossary