What is it?
Spear Phishing is the use of cleverly crafted and targeted emails or social media messages that are designed to trick the user into performing an action such as clicking on a link or opening a file.
How does it work?
Attackers will send an email that is engineered to look legitimate and from a trusted source, often indecipherable from a normal email to the untrained eye. This email will be designed to entice the user to open a file that contains a malware infection, or click on a link that will drive the user to a web site. This web site may be infected with malware, or will ask the user to login using their credentials. For example, an attacker may send a phishing email targeted at businesses listed as customers by ABC Business Bank.