Phishing
Phishing attacks use e-mail or malicious websites (clicking on a link) to collect personal and financial information or infect your machine with malware and viruses.
Spear Phishing
Spear phishing involves highly specialized attacks against specific targets or small groups of targets to collect information or gain access to systems. For example, a cybercriminal may launch a spear phishing attack against a business to gain credentials to access a list of customers. From that attack, they may launch a phishing attack against the customers of the business. Since they have gained access to the network, the e-mail they send may look even more authentic and because the recipient is already customer of the business, the e-mail may more easily make it through filters and the recipient maybe more likely to open the e-mail.
The cybercriminal can use even more devious social engineering efforts such as indicating there is an important technical update or new lower pricing to lure people.
(Author: National Cyber Security Alliance, published under Public License)