Which attack vector is characterized by targeting specific individuals with personalized messages?

Spear phishing is characterized by targeting specific individuals with personalized messages that are often crafted to appear legitimate and trustworthy. This attack vector leverages social engineering tactics to manipulate the recipient into revealing sensitive information or clicking on malicious links. The personalization component is pivotal; attackers research their targets to create seemingly relevant content, which significantly increases the chances of success compared to generic phishing attacks.

In the context of cybersecurity, spear phishing stands out because it focuses on individuals within an organization (such as executives or specific departments), rather than targeting a wider audience indiscriminately. This specificity makes it more dangerous, as the messages are designed to resonate with the recipient's role, history, or current projects, making it harder for the target to recognize the malicious intent.

Other attack vectors mentioned, such as vishing (voice phishing), whale phishing (a variant of spear phishing targeting high-profile individuals), and bulk phishing (unsolicited emails sent to a large number of recipients), do not incorporate the same level of individual targeting and personalization that spear phishing encompasses. Each of these alternatives has its own unique characteristics that differentiate them from spear phishing, reinforcing the latter's definition as a highly targeted and personalized attack type.