Spear Phishing

What Is Spear Phishing?

A conference talk. A flattering follow-up email from an admiring attendee. A link to a collaboration portal with your session recordings. Everything checks out. Your talk title, your colleague's name, your current project. But every detail was harvested from a single LinkedIn post. In this simulation, you step into the role of a Senior Product Analyst who recently spoke at an industry conference. An email arrives referencing specific details about your presentation and team. The sender's tone is professional and complimentary. The collaboration portal looks polished and legitimate. Nothing triggers the usual red flags. That's the point. Spear phishing works because attackers invest time in reconnaissance. According to Barracuda Networks, spear phishing accounts for only 0.1% of all email attacks but is responsible for 66% of all breaches. These aren't mass-blasted Nigerian prince emails. They're surgical strikes built from publicly available information. You'll trace exactly how an attacker moves from a social media post to a fully personalized phishing email. You'll inspect URLs, analyze sender headers, and practice verifying contacts through channels the attacker doesn't control. By the end, you'll understand why your professional visibility is both a career asset and an attack surface.

What You'll Learn in Spear Phishing

• Identify how attackers use open-source intelligence (OSINT) to craft personalized phishing emails
• Analyze email headers and sender domains for signs of spoofing or impersonation
• Apply independent verification procedures to validate unknown contacts
• Recognize the difference between mass phishing and targeted spear phishing techniques
• Evaluate your own social media presence for information that could fuel an attack

Spear Phishing — Training Steps

1. A Productive Morning

   Last week, Alice gave her first major conference presentation at TechForward Summit 2026. She spoke about real-time threat intelligence for fintech and the talk was a hit. She posted about it on LinkedOut and the engagement has been incredible.

2. Checking the Buzz

   Alice is curious how her LinkedOut post about the conference is performing. She opens her browser to check the engagement.

3. The Post That Started It All

   The post has gathered impressive engagement - over 200 reactions and dozens of comments from industry peers. Alice feels proud of the professional visibility.

4. A Flattering Email

   A new email arrives from Kevin Park, Solutions Director at Nexelion Partners. He says he attended Alice's talk at TechForward Summit and wants to discuss a partnership opportunity.

5. The Personal Touch

   The email is impressively specific. Kevin references Alice's talk title, mentions Marcus by name, and even knows about Project Sentinel. He claims to have spoken with Marcus at the networking mixer. Alice is flattered. A Solutions Director from a partner firm saw her talk and wants to collaborate. She decides to check out the shared materials.

6. The Collaboration Portal

   The link opens what appears to be Nexelion Partners' document sharing portal. To access the shared files, Alice needs to sign in with her work email.

7. Something Went Wrong

   Instead of the shared documents, the portal displays an error message claiming the session has expired. Alice dismisses it as a temporary glitch and returns to her other work.

8. Knowledge Check

   Before continuing, let's reflect on what just happened.

9. Security Alert

   Three days have passed. Alice receives an urgent email from the Prismwave Security Operations Center. Her account has been compromised.

10. Investigation Portal

    Alice needs to review the investigation report to understand the full scope of the breach.