spear phishing

a.k.a. spear-phishing

Basically a more personalized form of phishing, "spear phishing" specifically refers to crimeware that fine tunes phishing attacks by correlating specific names and e-mail addresses about where a person banks or shops, and then customizes spoofed messages to trick individuals into clicking on a viral attachment or harmful Web link. Once that happens, the intruder can then take full control of the victim's PC.

If an email comes from an unknown sender, if it solicits personal information, if it prompts you to open an attachment or click on a link, if it says it's urgent, or if it contains grammatical errors, it's likely a spear phish. There are three kinds of spear phishing emails: data entry (they want you to go somewhere and insert your personally identifiable information), click only (you should NEVER click on a link from someone you don't know), and an attachment (you should NEVER open an attachment from someone you don't know).

If you suspect you have been phished, forward the e-mail to uce@ftc.gov or call the FTC help line, 1-877-FTC-HELP. Phishing is a variation on the word "fishing," with the idea that bait is thrown out in the hopes that while most will ignore it, some will be tempted into biting. Phishing can be a noun or a verb, while "a phish" or "a phisher" is the person doing the phishing.

Click on "more info" below to see a phishing EXAMPLE!

NetLingo Classification: Online Jargon

Updates
See more information about this term