Let’s Go Spear-Phishing! 

By now, everyone should be familiar with phishing emails and their destructive capabilities. However, not as many people know about its sophisticated and dangerous counterpart, spear-phishing.    

What isSpear-Phishing? 

Spear-phishing is an attack on a specific person, or a select group of people. The attacker gains personal knowledge about the intended prey, such as where they live, whom they work for, or what they purchase online. The phisher will then design an email using this knowledge and include a link or file that will either ask for sensitive information or install malware on the recipient’s computer. Employees get ‘speared’ because it is difficult to identify these email messages as fraudulent when they appear to originate from friends, employers, or even a recognized authoritative figure.     

How is this different from regular phishing?  

The major difference between regular phishing and spear-phishing attacks is the personalization efforts that go into spear-phishing. Regular phishing involves an attacker, disguised as a trustworthy source, casting out a massive amount of emails to a large amount of people. These emails are vague and typically do not have information about the intended target. Spear-phishing, on the other hand, is much more isolated and thought-out. The attacker spends a lot of time gathering information and constructing an email that appears to be from a legitimate source for the intended target. This extra effort makes identifying spear-phishing emails much harder than regular phishing emails. Falling for spear-phishing emails could result in losing personal information or the download of malware.   

Howdo I avoid being speared? 

Spear-phishing assailants become smarter and smarter in the methods used to trick the unsuspecting. Here are a few simple steps combat their efforts and avoid being the victim of a spear-phishing attack.  

  1. For starters, check information accessible from social mediasites. If you do not have the privacy settings enabled on your account, everyone—as in complete strangers, can see and have access to your information.  
  1. Another proven step isto have a variety of unique passwords for your many online accounts. If you only have one password that you reuse for multiple websites, then an attacker has access to every account.  
  1. Also, keep your computer updated with the latest security updates. Security updates typically include changes in codingto better protect you and your information from attacks.  
  1. Before opening any email messages, check the email address first to see if you recognize it. If you do not recognize it,do not open it. Simply, delete the message.
  1. Finally, install a security system, or virus scanner, onyour computer. The security system will not only protect your device but can also remove malicious software. The scanner will continuously scan for any threats or malicious software.  

Spear-phishing attacks are a complex and dangerous force. However, staying vigilant and following these simple steps will reduce the chance of falling victim to these malicious attacks.   


Author: EmilyCieslewicz, IT Student Tech Consultant



Giandomenico, Nena. “What Is Spear-Phishing? Defining and Differentiating Spear-Phishing from Phishing.” Digital Guardian, 27 Feb. 2018, https://digitalguardian.com/blog/what-is-spear-phishing-defining-and-differentiating-spear-phishing-and-phishing 

Norton-Team. “What is Spear Phishing and How Does It Operate?” Norton, https://uk.norton.com/norton-blog/2016/12/what_is_spear_phishi.html  

13 thoughts on “Let’s Go Spear-Phishing! ”

  1. I have seen many of the people who have been affected by the phishing scam and we need to be secure from that. It is necessary that we should apply all the security measures to protect the system as well.

  2. Hi! I just wish to give you a big thumbs up for the great
    info you’ve got here on this post. I will be returning to your website for more soon.

  3. Greetings! Very helpful advice in this particular article!
    It is the little changes that produce the greatest changes.

    Many thanks for sharing!

  4. Spear phishing is a type of phishing which targets to a specific individual, organization or business to seeks the unauthorized access to sensitive information.

  5. I constantly spent my half an hour to read this website’s content all the time along with a mug of coffee.

  6. I want to say that this article is awesome, great written and include approximately all
    significant infos. I’d like to see extra posts like this .

  7. Spear phishing is the type of phishing where the attacker sends the link via email and by click, on that link by the victim, the personal information of the user will be hacked by the hacker.

  8. It is providing all the possible techniques by utilizing that the users are capable to spot as well as detect any Phishing activities or other illegal acts. They should be thankful for these useful suggestions and also utilize in a proper manner.

  9. Phishing is such an illegal activity or scamps that accessed by hackers or any unauthorized persons so that they can able to steal all the sensitive information of the users. They must access all the social media-based platforms in a secured manner. It is providing all the fruitful suggestions so that they can make an effective grip on such platforms.

  10. Great weblog here! Also your site so much up fast! What host are
    you using? Can I get your associate hyperlink on your host?
    I wish my web site loaded up as quickly as yours

Comments are closed.