Open In App
Related Articles

Difference between Phishing and Spear Phishing

Like Article
Save Article
Report issue

There are several types of Email attacks that are used by attackers to steal confidential information from a computer system or network. The confidential information includes login credentials, bank card details, or any other sensitive data. Phishing and Spear Phishing are also types of email attacks. 

1. Phishing: 
This is a type of email attack in which an attacker tries to find sensitive information of users in a fraud manner through electronic communication by pretending to be from a related trusted organization. Emails are carefully designed by attackers to target a group and clicking on a link installs malicious code on the computer. 

Examples –

  • Stealing bank transaction passwords from users
  • Stealing login credentials from users

2. Spear Phishing: 
Spear Phishing is a type of email attack in which a specific person or organization is targeted. In spear, a phishing attacker tricks the target to click on malicious links which install malicious code and let the attacker retrieve sensitive information from the targeted system or network.

Examples –

  • Stealing stacks of details from an organization
  • Stealing product designing procedures from a company

Difference between Phishing and Spear Phishing :

1.Phishing attack is done for a wide range of people.Spear phishing is done for specific person or organization.
2.Its objective is to steal sensitive data like bank card details from maximum people.Its objective is to steal sensitive data from a large company regarding stacks etc.
3.It is an automated attack.While it is a manual attack.
4.The targets selected in phishing are very random.While target is specific in spear phishing.
5.This is broad and less sophisticated.While this is more sophisticated.
6.The target has high volume- hundreds or thousands of recipients of spam.The target has low volume- sent to one individual or a small group of individuals, such as the accounts department.
7.It is mostly done for money.While it is done to ruin an organization.
8.It is impersonal, such as sending generic greetings.It is extremely customized since attackers would research their targets to create a convincing email.
9.Phishing includes cyber criminals or professional hackers.While spear phishing attackers are business oriented malicious code distributor.
10.Usually sent as nasty attachments or links.Zero-payload assaults are rather prevalent.

Last Updated : 22 Jul, 2022
Like Article
Save Article
Share your thoughts in the comments
Similar Reads