Spear phishing

How it works

Attackers research the target, including their role, colleagues, recent deals, and vendors, often from LinkedIn and public sources. They then craft a message that fits the victim’s context, such as a fake invoice from a known supplier or a request that appears to come from a manager.

How it relates to brand impersonation

Spear phishing usually pairs with executive impersonation and combosquatting: a believable sender domain plus a plausible identity. Its precision makes it far more effective than mass phishing.

How nebty helps

nebty reduces the raw material for spear phishing by detecting the lookalike domains and fake profiles attackers use to impersonate your brand and executives, and removing them on demand.

What makes it so convincing

Spear phishing trades volume for precision. Instead of a generic blast, the attacker spends time on one target, pulling details from LinkedIn, your website, press coverage, and past breaches to build a message that fits the victim context exactly. It references a real project, a real colleague, or a deal in progress, and it arrives at a plausible moment. That research is what defeats the usual instinct to be suspicious, because nothing about the message feels generic. Awareness training helps but is not enough on its own against a well-made lure. The structural defence is to deny the attacker their raw materials: the lookalike sender domains and fake executive profiles that make the message credible are detectable, and removing them early is more reliable than expecting every employee to spot a tailored message under time pressure.