APWG (Anti-Phishing Working Group – https://apwg.org/):
An industry working group dedicated to fighting fraud through education and research.
An application run on a device that scans memory, network traffic, and other applications for suspicious behavior and activities that are consistent with malicious intent.
Business Email Compromise (BEC):
A phishing tactic targeting company employees in which the attacker claims to be an executive or upper-level supervisor needing sensitive information or favors that only the victim can fulfill.
CERT (Computer Emergency Response Team):
A team of people dedicated to assisting with emergency issues arising from malware, network attacks, or malicious activities. The team can be associated with a company, a region (such as a country or locale), or more broadly.
The successful penetration of and unauthorized access to a computer system or network. Commonly followed by the theft of sensitive data (such as private financial records, emails, or intellectual property).
HTTPS (Secure Hypertext Transfer Protocol):
An extension of the Hypertext Transfer Protocol (HTTP). It is used for secure communication over a computer network.
The use of personal information (like Social Security number, license number, address, etc.) to assume the identity of someone else. Typically this personal information is stolen and used to gain access to a victim’s existing accounts or to open new fraudulent ones.
A type of application specifically designed to disrupt, damage, or gain unauthorized access to a computer system.
Multi-Factor Authentication (MFA):
A security protocol that requires two or more steps to access an account. Rather than just username/password, an MFA-enabled website may send your phone a dynamic, one-time-use code which must be typed in before the login process can be completed.
A type of social engineering where an attacker sends a fraudulent message designed to trick a person into revealing sensitive information to the attacker or to deploy malicious software, like ransomware, on the victim’s infrastructure.
Scanning a QR code that sends the victim to a malicious website.
A type of malicious software designed to block access to a computer system until a sum of money (ransom) is paid. Once executed on a single computer, ransomware can spread laterally to nearby computers to encrypt and lock as much information as possible, thereby increasing recovery costs and time and encouraging the victim(s) to pay the ransom.
A phishing attack performed on mobile phones via SMS text messages. Typically, the attack involves the victim receiving an SMS message asking them to click on a phishing link or send over private information.
Unsolicited communications, such as email, SMS messages, or phone calls, commonly sent out in bulk.
Similar to normal phishing, except the target audience is restricted to a smaller set of high-target individuals such as bankers or government officials.
The act of pretending to be someone else, often manifested in phishing emails where the sender disguises their “From” address to appear to be from a well-known domain or where legitimate logos are used to convince the user that the email can be trusted.
A technique in which an attacker gains access to an email account and, while monitoring email threads, injects phishing URLs, malware, or other malicious information into the email conversation. The attacker can leverage the trust the account has to encourage victimization.
TTPs (Tactics, Techniques, and Procedures):
The behavior of an actor. A Tactic is the highest-level description of this behavior. Techniques give a more detailed description of behavior in the context of a tactic. Procedures are a lower-level, highly detailed description in the context of a technique.
Similar to normal phishing, except the mode of communication is via voice, rather than traditional email. Typically, the phisher calls the victim and entices him/her to give up personal information through social engineering tactics.
VPN (Virtual Private Network):
An extension of a private network across a public network that enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. VPNs help protect people from phishing attacks.
A very specialized type of spear phishing attack. The most common form of whaling targets senior company officials where the ROI of the attack may be much higher than normal phishing.