Sunday 05 July 2026 05:33:02 GMT+02:00

Netcrook

HomeManifesto
News
Techcrook
Geocrook
WikicrookTeamAppContact
EnglishItalianoArabic

WIKICROOK

Spear phishing

A targeted phishing attack tailored to a specific person or role.

Spear phishing is a targeted phishing attack tailored to a specific person, team, or job role. Instead of sending a generic scam message to many users, the attacker researches the target and writes a lure that feels relevant, such as a fake password reset, invoice, vendor notice, or executive request.

This matters because targeted messages are more convincing and often aim at people with privileged access, such as IT staff, finance teams, or managers who can approve changes. A successful spear phishing message can lead to credential theft, malware delivery, or fraudulent approvals that open access to email, cloud tools, or internal systems. Defenses focus on reducing the value of stolen credentials and on verifying unusual requests: phishing-resistant authentication, least-privilege access, out-of-band confirmation for sensitive actions, and monitoring for abnormal logins or admin changes. Good security awareness also helps by making verification a habit, especially when the message creates urgency.

← WIKICROOK index