Define spear phishing.

Spear phishing is a targeted form of phishing that focuses on a specific individual or organization rather than a broad audience. This is achieved by customizing the attack, often using personal information about the target that the attacker has gathered through research. This personalization makes the attack more convincing, increasing the likelihood that the victim will fall for the scam.

Unlike general phishing attempts that cast a wide net in hopes of capturing responses from many victims, spear phishing is precisely aimed and often involves direct communication, such as an email that appears to come from someone the target knows or trusts. This tactic exploits the trust and familiarity that individuals have with certain contacts, making defenses against such attacks more challenging.

In contrast, the other answers describe different characteristics of phishing but do not encapsulate the specificity and personalization that define spear phishing. General phishing attempts aim at larger groups without targeting, physical access is unrelated to phishing tactics, and automated phishing attacks, while they may have scale, lack the targeted nature that is essential to spear phishing.