spear phish n.
Spear-phishing, say security specialists, is much harder to detect than phishing. Bogus e-mail messages and Web sites not only look like near perfect replicas of communiqués from e-commerce companies like eBay or its PayPal service, banks or even a victim's employer, but are also targeted at people known to have an established relationship with the sender being mimicked.
Timothy L. O'Brien, "Gone Spear-Phishin'," The New York Times, December 4, 2005
Sounds like a normal phishing e-mail, right? But what if the e-mail seemed to come from the head of IT at your small business, warning about your company account? Would you click the link?
Today's phishers hope so. In fact, the excerpt above didn't appear in the usual global barrage of e-mail sent out to catch recipients with eBay or PayPal accounts. Instead, it went exclusively to students and faculty of the University of Kentucky as part of a directed, or "spear-phishing," attack against the small, 33,000-member university credit union this May.
Erik Larkin, "Spear phishing," PC World, November 1, 2005
Spear Phishing: What Happens when Phishers optimize the “list-creation” aspect of phishing?
"APWG September Meeting in Washington, DC," Anti-Phishing Working Group, August 20, 2004
dot con artist
targeted Trojan horse