What is a common mechanism for delivering malware via email?

Spear phishing is a targeted attempt to steal sensitive information such as account credentials or financial information from a specific individual or organization, often through deceptive emails. This technique involves crafting personalized and convincing messages that appear legitimate and lure the recipient into taking action, whether it be clicking on a malicious link or opening an infected attachment.

Spear phishing emails are often carefully designed to reflect the preferences or interests of the target, making the attack much more effective than generic spam emails. This personalization increases the likelihood that the recipient will engage with the content, unwittingly facilitating the delivery of malware or compromising their security in other ways.

In contrast, while password-protected files and spam attachments can also be mechanisms for delivering malware, they are not necessarily specific to targeted attacks like spear phishing is. Random email addresses may be used in broader, less targeted attacks but lack the strategic focus that characterizes spear phishing. The specificity and intentional design behind spear phishing make it a common and effective mechanism for malware delivery through email.