How does phishing differ from spear-phishing?

Phishing is a broad cyber attack strategy where scammers send mass emails or messages that appear to be from legitimate sources to lure victims into revealing sensitive information, such as passwords or credit card numbers. It targets a general audience, hoping that a certain percentage of recipients will fall for the scheme.

In contrast, spear-phishing is a more targeted approach. In these attacks, cybercriminals conduct research to craft messages that appear to be genuinely relevant to specific individuals, often incorporating personal details to increase the chances of success. This makes spear-phishing more dangerous because it feels more credible and familiar to the target, who may be more likely to respond to what seems like a legitimate request.

This distinction in targeting is what makes the correct answer accurate. While both phishing and spear-phishing involve deceptive practices, the key difference lies in the scope and specificity of their targets.