What is targeted phishing?

Targeted phishing refers to phishing attacks that are customized to specific individuals. This method is often referred to as "spear phishing" and involves attackers researching their victims to create convincing messages that are more likely to deceive them. By using personal information, such as the victim's name, job title, or even details about their work relationships, the attackers increase the legitimacy of their attempts and improve their chances of success.

This strategy contrasts starkly with broader phishing methods, which may send generic messages to many recipients in hopes that a few may fall victim. Targeted phishing not only takes the form of emails but can also include messages via social media, phone calls, or other communications, all tailored to the victim's context. The custom approach is what makes targeted phishing particularly dangerous, as it can bypass basic security awareness training by appearing more believable and legitimate.