A spear phishing attack is a relatively simple one: to gain access to a system, an attacker sends fake messages that appear legitimate, tailored to a specific target—usually with domain names or other familiar identifiers so that the target opens a malicious link or file.

Read full article on Motherboard