Spear Phishing is an attack aimed at a specific person, with cyber criminals seeking to manipulate a targeted victim into actioning a request via email, usually to click on a link or attachment or respond to an invoice.
The Spear Phishing email will be addressed to the recipient and might even contain a common reference, possibly garnered from social media or referring to other employees. Being targeted and with the email personalised, the request becomes much more plausible and likely to be actioned.
There are prevention methods you can use against Spear Phishing emails:
Implement anti-spoofing controls to stop your email addresses from being a resource for attackers (e.g. DMARC). An email is far more believable if a cyber criminal pretends to be from within the organisation itself.
Consider what information is available to attackers on your website and social media accounts.
Add a filter/ block system to stop incoming Spear Phishing emails.
Ensure that your software is always up to date.
Protect your accounts with 2 Factor Authentication (2FA).