(redirected from Spear phishing)
Also found in: Dictionary, Encyclopedia.
Related to Spear phishing: social engineering


The illegal practice of attempting to steal an identity by setting up a website and encouraging people to input credit card or other personal information. Phishing often purports to present a legitimate web business and asks the "customer" to give personal information in order to receive fictitious products. Alternatively, phishing may involve a criminal sending out e-mail purporting to be from a bank or credit card company asking for information as part of an "urgent" request. Phishers then steal the identity directly or sell to another party for illegal purposes.


Phishing is one way that identity thieves use the Internet to retrieve your personal information, such as passwords and account numbers.

The thieves' techniques include sending hoax emails claiming to originate from legitimate businesses and establishing phony websites designed to capture your personal information.

For example, you may receive an urgent email claiming to come from your bank and directing you to a website where you're asked to update or verify your account number or password. By responding you give identity thieves an opportunity to steal your confidential information.

Phishing is difficult to detect because the fraudulent emails and websites are often indistinguishable from legitimate ones and the perpetrators change identities regularly.

Mentioned in ?
References in periodicals archive ?
The way organizations typically combat spear phishing is through spam filters and Sender Policy Framework, also known as SPF records.
Businesses in Belfast are being targeted in these spear phishing attacks as criminals take key information from firm's profiles.
Examples of the spear phishing is an email supposedly from the Garda asking to pay a toll or speeding fine after driving in the Republic, or an email after your holiday claiming you were caught speeding while overseas.
Results showed both mass campaign phishing and spear phishing are still rampant in the attack strategies used by cybercriminals around the world.
Despite the best end user education, there are still cases where employees open emails that appear to be legitimate but are actually spear phishing attacks that do not always go to spam folders.
At Northeastern, when a spear phishing email begins circulating, the IT department will attempt to notify the entire university quickly through social media and other means.
The hackers within the SEA use a technique known as spear phishing, where they send specifically tailored emails to employees within the groups they are targeting.
According to FireEye's 'Top Words Used in Spear Phishing Attacks to Successfully Compromise Enterprise Networks and Steal Data," the top five draws in the first half of 2012 were "dhl," "notification," "delivery," "express," and "2012.
Healey said educating the workforce about spear phishing is not enough.
The most commonly used and shared file types accounted for 70 percent of the total number of spear phishing email attachments during the monitored time period.
Spear phishing is often an email that looks as if it came from someone internal to your business, and it requests passwords or other private data from your employees.
In this web seminar, Sverdlove will discuss how spear phishing works and what motivations attackers have towards their targets, while also providing a three-step approach to preventing these threats.