A glossary of common cybersecurity and phishing terms used in security awareness programs.
Phishing
A cyber attack in which attackers send fake messages that impersonate trusted organizations.
Spear Phishing
A targeted phishing attack aimed at a specific person or organization.
Vishing
Voice phishing attacks conducted through phone calls.
Smishing
Phishing attacks delivered through SMS text messages.
Social Engineering
Manipulating people into revealing confidential information or performing risky actions.
Phishing Simulation
A training exercise where organizations send fake phishing emails to test employee awareness.
Click Rate
The percentage of employees who click links in a phishing simulation.
Reporting Rate
The percentage of employees who report suspicious emails.
Credential Harvesting
A phishing technique where attackers steal usernames and passwords through fake login pages.
Human Firewall
A term used to describe employees who recognize and report cyber threats.
Phishing Resilience Score
A metric used to measure how resistant an organization is to phishing attacks.