Which type of phishing attack targets a specific individual or organization?

Spear phishing is a type of phishing attack that is designed to target a specific individual or organization. Unlike generic phishing attacks, which cast a wide net to deceive as many people as possible, spear phishing is more personalized. Attackers typically gather information about their target, such as their interests, job role, or connections, which allows them to craft convincing messages that appear legitimate. This approach increases the likelihood that the victim will engage with the malicious content, making spear phishing particularly dangerous in corporate settings, where attackers may aim for key individuals with access to sensitive information.

In contrast, generic phishing attempts do not single out individuals and usually rely on mass emails that could apply to a wide audience. Whaling is a subtype of spear phishing that specifically targets high-profile individuals like executives or senior management within an organization. Vishing, or voice phishing, involves targeting individuals over the phone rather than through emails or digital communication. Each of these options highlights different tactics of deception, but spear phishing is distinctive in its focus on individual targets, making it especially effective.