Can anyone give me suggestions about what is the difference between spear phishing and phishing?
A spear phishing attack will appear to come from a trusted source. Contemporary phishing attacks are usually conducted by sending malicious emails to as many people as possible.
Phishing emails are sent to very large numbers of recipients, more or less at random, with the expectation that only a small percentage will respond. An apparently official email from, say, a well-known delivery company might arrive, saying that “Your package has been delayed, click here for details.” Click the link and malware might be downloaded onto your device, or you might go to a fake website where you’re asked to enter your name, address, and social security number. That information would then be sold on the black market or used for fraud or identity theft.
Spear phishing emails are carefully designed to get a single recipient to respond. Criminals select an individual target within an organization, using social media and other public information—and craft a fake email tailored for that person