Skip to content

Differences Between Phishing and Spear Phishing

I have mentioned phishing previously, but let me give you some explanations about two associated terms for this type of fraud.

Phishing is trying to get information from you like usernames, passwords, social insurance number and credit card numbers or details by masquerading as an entity that you trust (like a bank or a credit card company) in an e-mail to lure you into taking actions. This e-mail might include:

  • Links to websites that are infected with Malware
  • Links to websites that look like actual websites, but that are facades to get you to input your login information
  • Email might have attachments that are infected with a virus, like a PDF or DOC file

Typically, these attacks don’t mention you by name and look to be more of a generic statement.

phishing spearphishing
Difference Between Phishing and Spear-phishing

Spear phishing is a more sinister type of Phishing that uses email messages that appear to come from well-known and trusted sources. The e-mails have well written titles, and look like they pertain to you. Spear phishing is usually a much more narrowly aimed attack to try to get specific information from a specific group of individuals. Spear phishing emails would look like they are from:

  • Your boss, or a specific family. These folks may have had their accounts compromised. That is where spear-phishing thrives and may only be trying to add you to the list (along with your contacts), to expand the infection.
  • The e-mail looks very realistic, and will mention you by name, and seem genuinely sent to you.

Phishing for Phun ?

This will lull you into a false sense of security, so that you either open the infected attachment, or the nefarious link attached to the email. Some examples might be:

  • If it was from a friend of family member the link might be, “here is a link to our vacation photos”, but it is not that, at all!
  • An email from your credit card company that mentions part of your credit card number like

    **** *** **666 and say you need to change your password, pointing to a web-site (which is their password catching site).

Many folks have been tricked by spear-phishing, so you will need to keep up your diligence when receiving emails or links from trusted sources. With the advent of Artificial Intelligence, this now is quite easy to create, and you must be that much more diligent due to these new tools.

3 thoughts on “Differences Between Phishing and Spear Phishing”

  1. Pingback: Cybersecurity Newsletter

  2. Pingback: A Phishing Example

  3. Pingback: More On Ransomware And What To Do

What do you think?

This site uses Akismet to reduce spam. Learn how your comment data is processed.