IsThisAScam
Operated by Zeplik, Inc.
© 2026 Zeplik, Inc. All rights reserved.
Glossary · Attack Vector

What Is Spear Phishing?

A targeted form of phishing where attackers customize their fraudulent messages using personal information about the victim, such as their name, job title, colleagues, or recent activities.


01 Spear Phishing explained.

Unlike regular phishing that casts a wide net, spear phishing is precision-targeted. Attackers research their victims through social media, company websites, data breaches, and public records to craft highly personalized messages that are extremely difficult to detect.

Spear phishing is responsible for the majority of successful data breaches at organizations. Because the messages reference real colleagues, projects, and events, even security-aware employees can be deceived.

The investment attackers make in researching each target pays off — spear phishing has a significantly higher success rate than mass phishing campaigns, often exceeding 50% click-through rates.

02 How it works.

01 Attacker researches the target using LinkedIn, company websites, social media, and data breach dumps
02 A personalized message is crafted referencing real names, projects, or events the target would recognize
03 The message appears to come from a known colleague, vendor, or authority figure
04 The target, recognizing familiar details, trusts the message and complies with the request
05 Credentials are stolen, malware is installed, or wire transfers are authorized

03 Real-world example.

The 2016 Democratic National Committee breach began with a spear phishing email to campaign chairman John Podesta. The email appeared to be a Google security alert about his account, included his name, and was styled exactly like a real Google notification.

04 How to protect yourself.

01 Be cautious of any unexpected request, even if it appears to come from someone you know
02 Verify unusual requests through a separate communication channel (call the person directly)
03 Limit personal information shared on social media and professional networks
04 Implement email authentication (SPF, DKIM, DMARC) in your organization
05 Use IsThisAScam to verify suspicious emails from "known" senders
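
The checks above (a message that only appears to come from a known sender, plus SPF, DKIM and DMARC results) can be applied to a received message's headers. This Python code is an added example, not IsThisAScam's own code; the sender directory, addresses, domains and sample message are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed directory of known senders (display name -> real address).
KNOWN_SENDERS = {"dana kim": "dana.kim@example.com"}

# Constructed sample message: a familiar display name on a look-alike domain.
SAMPLE = """\
From: "Dana Kim" <dana.kim@examp1e-mail.test>
Reply-To: dana.kim.office@freemail.test
To: sam@example.com
Subject: Q3 vendor invoice - need this paid today
Authentication-Results: mx.example.com; spf=pass smtp.mailfrom=examp1e-mail.test;
 dkim=none; dmarc=fail header.from=examp1e-mail.test

Can you process the attached invoice before 3pm?
"""

def auth_results(msg):
    """Return {'spf': ..., 'dkim': ..., 'dmarc': ...} from Authentication-Results."""
    header = " ".join(msg.get_all("Authentication-Results", []))
    found = dict(re.findall(r"\b(spf|dkim|dmarc)=(\w+)", header.lower()))
    return {m: found.get(m, "missing") for m in ("spf", "dkim", "dmarc")}

def triage(raw):
    """Return a list of reasons the message deserves out-of-band verification."""
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    _, reply_to = parseaddr(msg.get("Reply-To", ""))
    reasons = []
    # A known display name paired with an address that is not the known one.
    expected = KNOWN_SENDERS.get(name.strip().lower())
    if expected and addr.lower() != expected:
        reasons.append(f"display name '{name}' is known, but address is {addr}")
    # Replies routed to a different domain than the visible sender.
    if reply_to and reply_to.split("@")[-1].lower() != addr.split("@")[-1].lower():
        reasons.append(f"Reply-To domain differs from From domain: {reply_to}")
    # Any authentication mechanism that did not pass (or is absent).
    for mech, result in auth_results(msg).items():
        if result != "pass":
            reasons.append(f"{mech}={result}")
    return reasons

if __name__ == "__main__":
    for reason in triage(SAMPLE):
        print("FLAG:", reason)
```

Only rely on an Authentication-Results header stamped by your own receiving mail server, since a sender can include forged ones. A clean result here does not replace verifying an unusual request through a separate channel.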
Related Terms
Phishing, Whaling, Business Email Compromise (BEC), Social Engineering