Phishing is an email fraud attack carried out against a large number of victims, such as a list of known American internet users. The targets are generally not connected, and the email does not attempt to appeal to any specific individual.
Instead, it contains an item of general interest (for example, "Click here for bargain medications") and a malicious link or attachment. The attacker plays the odds that at least some people will click on the link attachment to initiate the attack.
On the other hand, spear phishing is a highly specific form of phishing attack – by crafting an email message in a particular way, the attacker hopes to attract the attention of a specific audience. For example, if the attacker knows that ...