Cyberkiz

Spear Phishing

A targeted phishing attack directed at a specific individual or organisation, using personalised information to appear more convincing than generic phishing.

Unlike mass phishing campaigns sent to thousands, spear phishing targets specific individuals — often executives, finance staff, or IT administrators. Attackers research their targets using LinkedIn profiles, company websites, and social media to craft highly personalised messages that are difficult to distinguish from legitimate communication.

CEO Fraud in Malaysia

Spear phishing often leads to Business Email Compromise (BEC), where attackers impersonate a CEO or finance director to authorise fraudulent wire transfers. Malaysian companies have lost hundreds of thousands of ringgit to such attacks. Always verify large payment requests through a separate communication channel.