Spear phishing is a cyber attack that aims to extract sensitive data from a victim using a very specific and personalized message. This message is usually sent to individuals or companies, and it’s extremely effective because it’s very well planned. Attackers invest time and resources into gathering information about the victim (interests, activities, personal history, etc.) in order to create the spear phishing message (which is usually an email). Spear phishing uses the sense of urgency and familiarity (appears to come from someone you know) to manipulate the victim, so the target doesn’t have time to double-check the information.