Difference between Phishing and Spear Phishing
Last Updated :
22 Jul, 2022
There are several types of Email attacks that are used by attackers to steal confidential information from a computer system or network. The confidential information includes login credentials, bank card details, or any other sensitive data. Phishing and Spear Phishing are also types of email attacks.
1. Phishing:
This is a type of email attack in which an attacker tries to find sensitive information of users in a fraud manner through electronic communication by pretending to be from a related trusted organization. Emails are carefully designed by attackers to target a group and clicking on a link installs malicious code on the computer.
Examples –
- Stealing bank transaction passwords from users
- Stealing login credentials from users
2. Spear Phishing:
Spear Phishing is a type of email attack in which a specific person or organization is targeted. In spear, a phishing attacker tricks the target to click on malicious links which install malicious code and let the attacker retrieve sensitive information from the targeted system or network.
Examples –
- Stealing stacks of details from an organization
- Stealing product designing procedures from a company
Difference between Phishing and Spear Phishing :
S. No. |
PHISHING |
SPEAR PHISHING |
1. |
Phishing attack is done for a wide range of people. |
Spear phishing is done for specific person or organization. |
2. |
Its objective is to steal sensitive data like bank card details from maximum people. |
Its objective is to steal sensitive data from a large company regarding stacks etc. |
3. |
It is an automated attack. |
While it is a manual attack. |
4. |
The targets selected in phishing are very random. |
While target is specific in spear phishing. |
5. |
This is broad and less sophisticated. |
While this is more sophisticated. |
6. |
The target has high volume- hundreds or thousands of recipients of spam. |
The target has low volume- sent to one individual or a small group of individuals, such as the accounts department. |
7. |
It is mostly done for money. |
While it is done to ruin an organization. |
8. |
It is impersonal, such as sending generic greetings. |
It is extremely customized since attackers would research their targets to create a convincing email. |
9. |
Phishing includes cyber criminals or professional hackers. |
While spear phishing attackers are business oriented malicious code distributor. |
10. |
Usually sent as nasty attachments or links. |
Zero-payload assaults are rather prevalent. |
Share your thoughts in the comments
Please Login to comment...