
Spear Phishing - Targeted Email Attack Tactics


Spear phishing is a targeted phishing attack aimed at a specific individual or organization. Unlike ordinary phishing sent to large numbers of unspecified recipients, the attacker researches the target's personal information, affiliated organization, and job duties in advance, then sends a highly convincing, customized email. Its success rate is high, and it is frequently used as an entry point for intrusion into companies.

Real-World Use Case

"When I opened the PDF attached to an email impersonating a contact at a business partner, malware was executed and allowed an intrusion into our internal network. The email address differed from the legitimate one by just a single character, so I did not notice."

The Flow of a Targeted Attack

Gather target information
Craft a customized email
Open the attachment/link
Credential theft/malware execution

Characteristics of Spear Phishing

Attackers gather information about the target from social media and websites, then craft emails impersonating a colleague or business partner. Using work-related content such as "Here are the materials from the other day's meeting" or "I am sending you the revised version of the contract," they trick the recipient into opening an attachment or link. The email address also uses a domain that closely resembles the legitimate one. Studies by security firms indicate that 91% of targeted attacks begin with a spear phishing email. From 2024 to 2025, advanced spear phishing emails that mimic the target's writing style have been increasing, making detection difficult through conventional visual inspection alone. Spear phishing defense books on Amazon will help you learn the techniques and countermeasures.

The Difference from Phishing and Whaling

Ordinary phishing targets large numbers of unspecified recipients, like a "mass email impersonating a bank"; although its success rate is low, mass distribution still produces victims. Spear phishing narrows its focus to a specific individual or organization and raises its success rate through customization based on prior research. Whaling is a form of spear phishing that targets executives and people with high approval authority, aiming for direct money-transfer instructions or the theft of confidential information. The precision of the attack and the amount of damage increase in the order of phishing < spear phishing < whaling.

Defensive Measures

It is important to develop the habit of not carelessly opening attachments or links in suspicious emails and of verifying with the sender through a separate channel. If you use a unique, strong password for each service and set up two-factor authentication, you can keep the damage to a minimum even if credentials are stolen. For companies, adopting email authentication technologies such as DMARC, SPF, and DKIM, along with regular phishing drills, is effective. Be sure to also practice protecting your email account. Email security books (Amazon) are also helpful references.
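Two of the checks described above, the lookalike sender domain that differs from a partner's by a single character and the SPF/DKIM/DMARC verdicts, can be automated on the receiving side. The following is an added example, not code from the original article; it assumes a hypothetical list of trusted partner domains and a receiving mail server that stamps an Authentication-Results header (RFC 8601) on inbound mail.

```python
from email import message_from_bytes, policy, utils

# Hypothetical: domains this organisation regularly corresponds with.
TRUSTED_DOMAINS = {"partner-corp.example", "ourcompany.example"}

def levenshtein(a: str, b: str) -> int:
    """Edit distance (insert/delete/substitute) between two strings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def sender_domain(msg) -> str:
    """Domain part of the From: header, lower-cased."""
    addr = utils.parseaddr(str(msg.get("From", "")))[1]
    return addr.rsplit("@", 1)[-1].lower()

def auth_results(msg) -> dict:
    """spf/dkim/dmarc verdicts from the Authentication-Results header the receiving MTA added."""
    results = {}
    header = str(msg.get("Authentication-Results", ""))
    for part in header.split(";")[1:]:  # element 0 is the authserv-id
        tokens = part.strip().split()
        if tokens and "=" in tokens[0]:
            method, verdict = tokens[0].split("=", 1)
            results[method.lower()] = verdict.lower()
    return results

def assess(raw: bytes) -> list:
    """Return human-readable warnings for one raw RFC 5322 message (empty list = no findings)."""
    msg = message_from_bytes(raw, policy=policy.default)
    warnings = []
    domain = sender_domain(msg)
    if domain not in TRUSTED_DOMAINS:
        for trusted in TRUSTED_DOMAINS:
            if 0 < levenshtein(domain, trusted) <= 2:
                warnings.append(f"lookalike sender domain {domain!r} resembles {trusted!r}")
    verdicts = auth_results(msg)
    for method in ("spf", "dkim", "dmarc"):
        if verdicts.get(method) != "pass":
            warnings.append(f"{method} did not pass ({verdicts.get(method, 'missing')})")
    return warnings

# Constructed sample: "partner-c0rp" differs from the real "partner-corp" by one character.
SAMPLE = (b"From: Tanaka <tanaka@partner-c0rp.example>\r\nTo: you@ourcompany.example\r\n"
          b"Subject: Revised version of the contract\r\n"
          b"Authentication-Results: mx.ourcompany.example; spf=fail smtp.mailfrom=partner-c0rp.example;"
          b" dkim=none; dmarc=fail header.from=partner-c0rp.example\r\n\r\nPlease see the attached contract.\r\n")
```

Running `assess(SAMPLE)` flags both the lookalike domain and the three failed authentication checks; a message from a trusted domain with all three verdicts equal to `pass` yields an empty list.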
