Targeted phishing attacks are typically called spear phishing.

What Are Targeted Phishing Attacks Called?

Targeted phishing attacks that focus on a specific person or organization are known as spear phishing. Unlike broad phishing blasts, these messages are customized and often use personal details (like your name, job role, or colleagues) to look convincing and bypass your skepticism.

There is also an even more specialized form called whaling , which is a type of spear phishing aimed at high‑value “big fish” such as executives or senior decision‑makers.

Quick Scoop: Key Terms

  • Phishing – Generic mass scam messages sent to many people at once, usually not personalized.
  • Spear phishing – Targeted phishing attack aimed at a specific person, role, or organization, using tailored details to appear legitimate.
  • Whaling – A subset of spear phishing that targets executives or other high‑profile individuals.

Why It Matters Right Now

In recent years, spear phishing has become one of the most common entry points for ransomware and business email compromise, because attackers can get a much higher “hit rate” when emails feel personal and relevant. Security reports continue to show that even well‑trained staff can be tricked when an email appears to come from a known colleague, boss, or trusted business partner with realistic context and timing.

Mini Example Story

Imagine you work in finance and receive an email that appears to be from your CEO, mentioning a real project and a real client your team just discussed in yesterday’s meeting. The message asks you to “urgently” process a wire transfer using an attached form or a link to a “secure” portal. Because the attacker has done research—pulled names, roles, and project details from LinkedIn and company news—the email feels authentic, and that’s exactly what makes spear phishing so dangerous.

Simple Defense Tips

  1. Be suspicious of urgency – “Urgent” payment or login requests are classic social‑engineering flags.
  1. Verify through another channel – Call or message the person via a known contact method before acting on unusual requests.
  1. Check addresses and links – Carefully inspect the sender’s email and hover over links before clicking.
  1. Use security training and filters – Modern email security tools and regular staff training significantly cut spear‑phishing risk.

Bottom line: when someone asks “what are targeted phishing attacks called?”, the best one‑line answer is: They’re called spear phishing attacks.

TL;DR: Targeted phishing attacks aimed at specific people or organizations are called spear phishing , and when the target is a top executive, it is often called whaling.

Information gathered from public forums or data available on the internet and portrayed here.