Spear Phishing

Back To Glossary

Spear phishing campaigns are a type of social engineering attack that targets specific people in an organization. These malicious actors research high-value targets (for example, people with advanced permissions on the platform or account managers for celebrities) and send trustworthy emails to request money or information. To make their emails look trustworthy, they use domains similar to the organization they’re targeting, maybe with one letter in the middle as the only difference. Sometimes, a valid domain of the organization can be hijacked, allowing the malicious actor to send an email with a legitimate domain.