Security Beginner

What is Phishing?

A social engineering attack that uses fraudulent communications to trick people into revealing sensitive information or installing malware.

Phishing attacks impersonate trusted entities (banks, colleagues, services) through email, SMS (smishing), or phone calls (vishing). They create urgency ("Your account will be closed!") and direct victims to fake websites or malicious attachments.

Protection includes email authentication (SPF, DKIM, DMARC), security awareness training, multi-factor authentication, URL inspection, and anti-phishing tools. Spear phishing targets specific individuals using personalized information.

Related Terms

SOC (Security Operations Center)

A centralized team and facility responsible for monitoring, detecting, analyzing, and responding to cybersecurity threats 24/7.

The process of converting readable data into an unreadable format using algorithms, reversible only with the correct key.

Input Validation

The process of verifying that user-supplied data meets expected formats, types, and ranges before processing it.

DDoS (Distributed Denial of Service)

An attack that floods a target server or network with traffic from multiple sources to overwhelm it and deny service to legitimate users.

JWT (JSON Web Token)

A compact, self-contained token format used for securely transmitting information between parties as a JSON object.

WAF (Web Application Firewall)

A security solution that filters and monitors HTTP traffic between a web application and the internet, blocking common attacks.

View All Security Terms →