International (English)

Spear Phishing

Modified on:

Spear phishing is a type of phishing attack targeting a specific organization or individual, carried out through a malicious email with the aim of gaining access to confidential information. Spear phishing attempts do not usually come from random attackers, but are more likely to be carried out for profit or to obtain trade secrets or sensitive information. Like emails sent in regular phishing attacks, spear phishing messages also appear to come from a trusted source. They generally have the following characteristics:


  • The source appears to be known and reliable, like someone from work.

  • The information within the message supports its validity and the request being made seems logical.

  • There is a sense of urgency, particularly to perform a task that goes against company policy.

To avoid becoming a victim of spear phishing, follow the recommendations below: 

  • Report unexpected requests for confidential information and, if possible, verify it directly with the person involved.

  • Do not disclose personal data in response to emails and do not click on links in messages, unless their source and authenticity are reliable.

  • Limit the amount of personal information you share on social media and other websites.


Was this useful?