What is Spear Phishing?

1 min read
What is Spear Phishing? Blog Image


According to a recent report, as many as 53 per cent of organizations studied in India were victims of spear phishing in 2022.

About Spear Phishing:

  • It is an email or electronic communications scam targeted towards a specific individual, organization or business. 
  • It is a targeted attempt to steal sensitive information such as account credentials or financial information from a specific victim, often for malicious reasons
  • This is achieved by acquiring personal details on the victim such as their friends, hometown, employer, locations they frequent, and what they have recently bought online.
  • Working:
    • A spear phishing email uses social engineering techniques to urge the victim to click on a malicious link or attachment.
    • Additionally, the email will blatantly ask the recipient to respond urgently, such as transferring a specific sum of money or sending personal data such as a banking password.
    • Because the emails are written in a highly familiar tone and refer to personal information about the recipient, victims mistakenly believe they know and trust the sender and respond to the request.
    • Once the victim completes the intended action, the attacker can steal the credentials of a targeted legitimate user and enter a network undetected.
  • This is the most successful form of acquiring confidential information on the internet, accounting for 91% of attacks.


Q1) What is Phishing?

Phishing is a cybercrime in which a target or targets are contacted by email, telephone or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords.

Source: Report. Hackers target Indian organisations with spear phishing