Cybersecurity Glossary
A glossary of definitions for various terms and concepts that relate to the cybersecurity domain.
Term | Description |
---|---|
Angler Phishing | Angler phishing is a type of phishing attack where cybercriminals use fake social media profiles to find and compromise victims. |
Black Hat Hackers | A black hat hacker is someone who breaks into systems with malicious intent. Learn how they operate, what motivates them, the tactics they use, and how to protect yourself. |
Botnets | A botnet is a collection of compromised computers or devices that are linked together and controlled by an attacker to perform malicious tasks, without the users’ knowledge. |
Business Email Compromise | Business Email Compromise (BEC) is a type of highly sophisticated email phishing attack where cybercriminals impersonate trusted individuals to try and mislead or manipulate a victim. |
Calendar Phishing | Hackers are hijacking calendars to deliver hidden phishing attacks. Learn how these sneaky invites work and how to stop them before they strike. |
Callback Phishing | Callback phishing is a type of phishing attack where scammers entice victims to call a phone number and reveal sensitive information. |
Call Center Scams | Call center scams are a type of fraud in which criminals use phone calls to trick people into giving them money or personal information. |
Catfishing | Catfishing is a type of online scam where someone creates a fake identity, often using stolen photos and fictitious information, to trick a victim into forming a relationship with them. |
Dark Web | The dark web is a concealed part of the Internet that cannot be accessed through standard search engines. While it’s widely known for its illegal content, it also hosts legal activity. |
Executive Phishing | Executive phishing is a type of highly sophisticated email phishing attack where cybercriminals impersonate senior management or executives within a business to try and mislead or manipulate employees. |
Evil Twin Phishing | Evil twin phishing is a type of phishing attack where scammers create fake WiFi networks that have the same SSID as legitimate WiFi networks to trick victims into connecting to them. |
Grey Hat Hacker | A grey hat hacker is a cybersecurity term for someone who finds and exposes security vulnerabilities without permission but not with malicious intent. They operate outside legal or ethical boundaries, often hacking into systems to highlight flaws and then disclosing them after the fact. |
Honeypot | A honeypot is a cybersecurity decoy that lures attackers to fake systems so their behavior can be observed and analyzed. |
Human Risk Management | Human Risk Management (HRM) is about understanding how human behaviors, decisions, and actions can impact an organization's cybersecurity posture. |
Keylogger | A keylogger is hidden software or hardware that records every keystroke to capture passwords, payment details and private messages. While it can be used for legitimate monitoring, it is often abused to steal credentials and enable long-term surveillance. |
Malvertising | Malvertising is a type of phishing attack where cybercriminals use paid advertisements to distribute malware. |
Phishing Link | Phishing links are malicious URLs designed to appear as legitimate websites or services. |
Pig Butchering | Pig butchering is a deceptive online scam where scammers slowly build emotional and financial trust with victims before vanishing with their money. |
Quishing | Quishing is a type of phishing attack where scammers use QR codes to trick victims into opening malicious links or downloading malicious files. |
Scambaiting | Scambaiting is when someone poses as a victim to trick scammers, waste their time, gather intel for authorities, and raise awareness by sharing the encounters online. |
Smishing | Smishing is a type of phishing attack where cybercriminals use SMS messages to distribute malware or impersonate trusted individuals to try and mislead or manipulate a victim. |
Supply Chain Attack | A supply chain attack occurs when attackers compromise a trusted vendor, software provider or contractor to insert malicious code or hardware that reaches downstream victims, using the trust built into supply relationships to bypass direct defenses. |
Trojan | A trojan is a cybersecurity term for a type of malware that disguises itself as something harmless, like a legitimate application or document, and tricks you into installing it. |
Typosquatting | Typosquatting, also known as URL hijacking, is a form of cyberattack in which hackers target internet users who incorrectly type a URL into their web browser rather than using a search engine. |
Vishing | Vishing is a type of phishing attack where cybercriminals abuse the intimate nature of voice calls to try and coerce or manipulate a victim. |
White Hat Hacker | White hat hackers legally hack systems to find and fix security flaws before criminals do. Learn what they do, how they’re paid, and how to become one. |