Difference between Phishing and Spear Phishing
There are several types of Email attacks that are used by attackers to steal confidential information from a computer system or network. The confidential information includes login credentials, bank card details, or any other sensitive data. Phishing and Spear Phishing are also types of email attacks.
1. Phishing:
This is a type of email attack in which an attacker tries to find sensitive information of users in a fraud manner through electronic communication by pretending to be from a related trusted organization. Emails are carefully designed by attackers to target a group and clicking on a link installs malicious code on the computer.
Examples –
- Stealing bank transaction passwords from users
- Stealing login credentials from users
2. Spear Phishing:
Spear Phishing is a type of email attack in which a specific person or organization is targeted. In spear, a phishing attacker tricks the target to click on malicious links which install malicious code and let the attacker retrieve sensitive information from the targeted system or network.
Examples –
- Stealing stacks of details from an organization
- Stealing product designing procedures from a company
Difference between Phishing and Spear Phishing :
| S. No. | PHISHING | SPEAR PHISHING |
|---|---|---|
| 1. | Phishing attack is done for a wide range of people. | Spear phishing is done for specific person or organization. |
| 2. | Its objective is to steal sensitive data like bank card details from maximum people. | Its objective is to steal sensitive data from a large company regarding stacks etc. |
| 3. | It is an automated attack. | While it is a manual attack. |
| 4. | The targets selected in phishing are very random. | While target is specific in spear phishing. |
| 5. | This is broad and less sophisticated. | While this is more sophisticated. |
| 6. | The target has high volume- hundreds or thousands of recipients of spam. | The target has low volume- sent to one individual or a small group of individuals, such as the accounts department. |
| 7. | It is mostly done for money. | While it is done to ruin an organization. |
| 8. | It is impersonal, such as sending generic greetings. | It is extremely customized since attackers would research their targets to create a convincing email. |
| 9. | Phishing includes cyber criminals or professional hackers. | While spear phishing attackers are business oriented malicious code distributor. |
| 10. | Usually sent as nasty attachments or links. | Zero-payload assaults are rather prevalent. |
Please Login to comment...