Spear and other Phishing


Spear phishing is a phishing attempt directed at a specific individual or group of individuals using personal details. Attackers will use social media or company websites to collect information and activities that can be referenced in messages. A spear phishing attack will appear to come from a friend or work colleague with a time-critical request.

How to spot a phishing email

  • Sender’s name does not match sender’s email address
  • The message has a generic greeting – however, these days it may actually include your name
  • There is reference to a time-critical request – urgent phone call or urgent reply needed
  • Low-quality images or poor-quality text – spelling mistakes, grammatical errors
  • Hover over hyperlinks to check that the URL matches the text
  • Sites that are “safe” will generally begin with “https://” – the “s” stands for secure. If the URL is not https then do not proceed
    • https should not be seen as a 100% guarantee of safety – it is extremely easy for fraudsters to set up fake websites with valid https certificates
  • If in doubt, double-check everything and/or contact the IT Office for a second opinion.
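
Several of the checks above can be run automatically over a reported message. The following Python is an added example, not part of the original guidance: it flags a display name that shows a different domain from the real sender address, urgency wording, links that are not https, and link text that shows a different host from the real target. The keyword list, the indicator labels and the sample message are assumptions constructed for illustration.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

URGENT = re.compile(r"\b(urgent|immediately|asap)\b", re.I)  # assumed keyword list
HOSTLIKE = re.compile(r"(?:https?://)?((?:[\w-]+\.)+[a-z]{2,})", re.I)

class LinkCollector(HTMLParser):  # gathers (href, visible text) for each <a>
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def phishing_indicators(raw):
    msg, found = message_from_string(raw, policy=policy.default), []
    name, addr = parseaddr(msg["From"] or "")
    shown = HOSTLIKE.search(name)  # domain or address typed into the display name
    if shown and shown.group(1).lower() != addr.rpartition("@")[2].lower():
        found.append("sender-name-mismatch")
    part = msg.get_body(preferencelist=("html", "plain"))
    body = part.get_content() if part else ""
    if URGENT.search(f"{msg['Subject'] or ''} {body}"):
        found.append("urgency")
    collector = LinkCollector()
    collector.feed(body)
    for href, label in collector.links:
        url = urlparse(href)
        if url.scheme != "https":  # https alone is still no proof of legitimacy
            found.append("non-https-link")
        claimed = HOSTLIKE.search(label)  # link text that itself looks like a URL
        if claimed and claimed.group(1).lower() != (url.hostname or "").lower():
            found.append("link-text-mismatch")
    return found

# Constructed sample message; every name and domain in it is made up.
SAMPLE = '''From: "IT Office it@college.example" <helpdesk@mail-reset.example>
Subject: URGENT: password expires today
Content-Type: text/html

<a href="http://login.mail-reset.example/sso">https://sso.college.example</a>'''
```

An empty result only means none of these four indicators fired; a message can pass all of them and still be phishing.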

Do NOT respond to phishing emails.

In addition to Spear Phishing you may find it useful to know about other types of phishing attacks:


Mass-scale phishing attacks cast a wide and very general net – these are not highly targeted but may still be specific to an organisation, eg University of Oxford or the Student Loan Company, or may even reference world topics like COVID-19 events or actions.


Clone phishing is where the attacker will attempt to impersonate a legitimate, and previously delivered, piece of correspondence. Clone phishing emails will look almost identical to a legitimate message from a colleague, service or organisation. A good example would be a password reset email or an invoice from an “existing” supplier with updated banking details.


Whaling is a phishing attempt directed specifically at a senior executive or high-profile individual within an organisation eg HoH, Bursar, Finance Officer.
These attempts will be highly targeted, with research into the individual’s speaking event topics and charitable activities, together with their passions and hobbies. The attacker will use anything that will engage the individual to respond to the correspondence, whether that is by email, physical letter or phone call. Any and all information about the individual is useful to the attacker, including upcoming holidays, current or upcoming projects, meeting availability and who those meetings are with.

Please remain vigilant – remember that phishing emails are sent by organised criminal gangs.