Which term describes when a malicious actor spends time gathering information about their target before a phishing attack?

Targeted information gathering to craft a believable message is what spear phishing is all about. By researching the target’s role, colleagues, recent projects, or interests, the attacker personalizes the email so it appears to come from a trusted source. That precision lowers suspicion and makes the recipient more likely to click a link or reveal credentials. The practice is distinct from generic phishing, which isn’t tailored to a specific person. Impersonation involves simply pretending to be someone else, not necessarily using personalized research. Typosquatting focuses on registering domain names that look like the legitimate site to deceive users, while homographs exploit visually similar characters to spoof URLs.