Which type of phishing attack uses personalized information to obtain sensitive data?

Spear phishing is a targeted form of phishing that utilizes personalized information to deceive individuals into providing sensitive data. Unlike regular phishing attacks that typically cast a wide net, spear phishing focuses on a specific person or organization, often gathering personal details from social media or corporate websites. This detailed information makes the message seem authentic and trustworthy, increasing the likelihood that the target will engage with the content and ultimately disclose sensitive information such as login credentials or financial details.

By incorporating relevant personal or professional details, such as the recipient's name, job title, or recent activities, spear phishing attacks effectively create a sense of familiarity and urgency. This psychological manipulation is key to the success of such attacks, making them a significant threat in the realm of cybersecurity.