What is it?
An exploit in which an attacker, typically using email, attempts to trick a computer user into opening web links, entering personal information into a web form or fake website, or taking an action that allows the attacker to obtain sensitive information. Spear phishing targets a specific individual or group of individuals using personal information.
Why is it important?
Phishing and spear phishing are the most common attack methods for attackers to gain an initial foothold into an organization or obtain sensitive data.