Spear Phishing

A spear phishing attack is an attack directed at a specific person or department of an organization via email.

Such an email must look like it comes from a legitimate person or trusted source, and it asks the person or department to carry out an action. Most such attacks ask the person or department to make a payment, install a program, or open a specific document.

This kind of attack is more psychological than technical.

To carry out such an attack successfully, the perpetrator needs to research background information on the company and the department.

To visualize the attack, imagine someone trying to get the big fish with a spear rather than fishing with a big net, hoping to catch anyone.
And this, in a nutshell, is the difference between spear phishing and phishing.

