GuidePoint Security’s white paper, A Guide to Spear Phishing, details the growing threat of spear phishing, a highly targeted form of phishing that focuses on specific enterprises and individuals. According to the 2021 Verizon Data Breach Report, phishing was involved in 36% of breaches, underscoring its rising prevalence. The paper explores primary spear phishing attack types—credential harvesting, malicious link compromise, malicious attachment compromise, and business email compromise (BEC). It also outlines the four phases of a spear phishing attack: pre-attack (target identification and information gathering), initial attack (email creation and distribution), user action (victim engagement), and post-attack (exploitation and expansion).

Join for free to read