Until recently, most contemporary malware was designed so it could infect the greatest number of people, regardless of who they were. This is known as the shotgun approach to malware. The problem with that method is that IT security and end-user training is beginning to erode the effectiveness of this approach. This is forcing a change in tactics to the point where criminals are now beginning to put malware into very sophisticated and convincing packages to attract a whale or two. Cyber criminals now spend a great deal of time researching their whales and mine information like place of work, job title, names of individuals they interact with, and the names of business partners. It’s not so much that the malware itself is getting more sophisticated, but the spear phishing presentation used to trick the victim certainly is.