On deck in our types of phishing series: Spear phishing.
Where most phishing attacks cast a wide net, hoping to entice as many users as possible to take the bait, spear phishing involves heavy research of pre-defined, high-dollar target—like a CEO, founder, or public persona—often relying on publicly available information for a more convincing ruse.
FYI: When the target is sizeable enough, spear phishing is sometimes called ‘whaling.’
Landing the Big One
SIM swapping is a type of spear phishing where attackers phish a target’s phone carrier, pretending to be the target, and replacing the SIM card with one of their own. One such case resulted in $24 million of lost cryptocurrency.