Call now for cybersecurity help: 888-646-1616
Holly Sagstetter

What is Spear Phishing: Definition and 6 Helpful Tips

December 2, 2020

What is Spear Phishing? Here's an example: Imagine you get an email from a friend or family member asking for you to send the password for one of your accounts. The email looks too close to their actual email address for you to see a difference. The person sending the email uses a lot of personal details that you think only your friends and family would know. All of this makes you trust the sender of the email.

Emails like these, that include personal information to trick someone, are used to get people to trust hackers enough to send them private information, like usernames and passwords.

What is Spear Phishing?

Spear phishing is just a more specific version of phishing. Instead of a hacker sending out a generalized email to a large group of people, they do large amounts of research on a specific target and try to hack them. Hackers could try to find and use specific information such as:

  • Age
  • Location
  • Interests
  • Employers
  • Friends and family

With this kind of information, a hacker could trick you into thinking they are trustworthy. By earning your trust they can gain access to private information. With this information they can blackmail you, steal your access to your accounts, or sell your data.

Check out this link for a little more information on the specifics of spear phishing.

Spear Phishing vs Phishing

While phishing attacks generally are used to go after large groups of people, spear phishing is a lot more specific to smaller targets. Regular phishing attacks are used to go after bigger groups of targets at once. Very generalized emails are usually sent out to try and trick the hackers’ targets into clicking on a malicious link. 

Phishing attacks go after many targets at once in hopes that at least a few people will fall for their fake email. Spear phishing puts in a little more effort when it’s used to go after personal information. 

A spear phishing attack requires a hacker to try and build trust with their target to gain access to the information they want. Hackers may try to pretend to be someone the target is familiar with, someone they already trust. Spear phishing emails are a lot harder to spot at first because of how personalized they are to each target.

Beware Phishing and Spear Phishing

How to avoid a phishing hack

Avoiding general phishing hacks is pretty simple and can be as easy as not opening suspicious looking emails. Some super easy ways  to avoid a phishing hack are:

  • Use email services with anti-spam features
  • Use multi-factor authentications
  • Subscribe to a service that scans for phishing attacks
  • Train to look for phishing emails
  • Keep your computer systems up to date
  • Keep passwords secure and updated

Find more detail about all of these steps in this article, as well as this one on the link hover method.

The best way to avoid a phishing hack is to not open any emails that don’t look completely trustworthy. As well as never opening any links in those untrustworthy emails.

How to avoid a spear phishing hack

A lot of the tactics for avoiding spear phishing hacks are the same as those for phishing attacks. For example:

  • Keeping your software up to date
  • Making sure you have strong passwords
  • Being careful of what emails you open
  • Never clicking on links in an email

Check out this link for a more in depth explanation on each of these tactics and a few more tips.

Who is Adelia Risk?

We provide cybersecurity protection exclusively for small, high-value companies in highly-regulated industries including financial services,  medical/biotech and government contracting.

Talk to us!

Have questions or feedback?  Please share them in the comments below.

Like this article?  Share it!

Leave a Reply

Your email address will not be published. Required fields are marked *

Do you think we might be a
good match?

We help over 100 of the best financial services, healthcare, and manufacturing companies across the U.S. with their cybersecurity.
Copyright 2023 Adelia Associates, LLC | All Rights Reserved