“Spear-phishing, like phishing, involves emailing a malicious link or file. Whereas phishers send mass emails in hopes of stealing credit card information, Social Security numbers and login credentials from as many people as possible,” Tom Chapman explains, “spear-phishers are more precise. They usually target one or (a) few individuals at an organization, and they conduct extensive research in order to craft a very personal and convincing email. The spear-phisher has a very specific and often more sinister objective than the phisher.”
So be wary of both forms of email attacks.