Spear phishing attacks
Spear phishing is an email spoofing technique used by fraudsters to target a specific organization or individual with a customized, highly-realistic phishing email. Simply put, it’s a more targeted, complex and research-intensive version of phishing.
This attack is usually used against organizations that the attacker is familiar with. Attackers will use insider knowledge to specifically target the employee responsible for making payments in a way that seems realistic. For example, they might send an email to an accountant that appears to be from the CFO asking them to make a payment that appears normal at first glance. If the employee falls for the attack, it could lead them to a fake website or download link that triggers a MITM or MITB attack.