In today's digital world, cybercrime is responsible for significant damage to organizations, including financial losses, operational disruptions, or intellectual property theft. Cyberattacks often start with an email, the major means of corporate communication. Some rare, severely damaging email threats - known as spear phishing or Business Email Compromise - have emerged. However, the literature disagrees on their definition, impeding security vendors and researchers from mitigating targeted attacks. Therefore, we introduce targeted attacks. We describe targeted-attack-detection techniques as well as social-engineering methods used by fraudsters. Additionally, we present text-based attacks - with textual content as malicious payload - and compare non-targeted and targeted variants.

翻译：在当今数字化世界中，网络犯罪对组织造成重大损害，包括经济损失、运营中断或知识产权盗窃。网络攻击通常始于电子邮件——企业通信的主要方式。一些罕见且危害严重的电子邮件威胁——即所谓的鱼叉式网络钓鱼或商业电子邮件欺诈——已经出现。然而，现有文献对其定义存在分歧，这阻碍了安全供应商和研究人员有效应对目标攻击。因此，我们引入"目标攻击"这一概念。我们描述了目标攻击检测技术以及欺诈者使用的社会工程方法。此外，我们提出了基于文本的攻击——以文本内容作为恶意载荷——并对非目标攻击与目标攻击的变体进行了比较。