Spearphishing

Spearphishing is a modified form of a phishing attack, where the target, an individual or small group of people, is sent messages that appear to be from a trusted source or on a subject of specific interest to the target, often determined via social engineering or collecting information from public sources about the target.

These messages may contain links to the fake website to steal credentials for the actual, trusted websites or to convince the target to open attached documents, which then act as droppers for remote access trojans, keyloggers, or other forms of malware used to penetrate further the target’s computer(s) and network.