Security Glossary

Common breach and scam terms, translated into plain English.

If a breach page says credential stuffing or payment-themed phishing campaign, this glossary tells you exactly what it means and what to do next.

Run free exposure scan Browse terms

Attacks

What is phishing?

Phishing is when attackers pretend to be trusted brands or people to trick you into giving passwords, codes, or payment details.

What is a phishing campaign?

A phishing campaign is a coordinated wave of scam messages built around one story, like refunds, invoices, or security alerts.

What is credential stuffing?

Credential stuffing is when attackers test leaked email-password pairs on many websites, hoping people reused passwords.

What is account takeover?

Account takeover (ATO) is when someone gains control of your account and can change settings, spend money, or lock you out.

What is social engineering?

Social engineering is psychological manipulation used to make people share information or approve harmful actions.

What is smishing (SMS phishing)?

Smishing is phishing through text messages, usually using fake delivery, banking, or refund alerts.

What is spear phishing?

Spear phishing is targeted phishing aimed at a specific person, team, or role using tailored details.

What is SIM swapping?

SIM swapping is when attackers convince a telecom provider to move your number to their SIM card.

What is doxxing?

Doxxing is publishing or sharing personal information to harass, intimidate, or target someone.

What are impersonation scams?

Impersonation scams happen when attackers pretend to be a trusted person, company, or support team to gain access or money.

Account security

What is multi-factor authentication (MFA)?

MFA adds a second login check after your password, like an app code or hardware key.

Exposure types

Data breach vs data leak: what is the difference?

A breach usually means unauthorized access. A leak usually means data became exposed through poor controls or accidental disclosure.

What is identity theft risk after a breach?

Identity theft risk means exposed personal details could be used to impersonate you for fraud, account creation, or social scams.

What does dark web exposure mean?

Dark web exposure means your data is reported as circulating in underground markets or forums, often packaged with other leaked data.

What is a data broker?

A data broker is a company that collects, combines, and sells personal-data profiles from multiple sources.

Recovery actions

What is a password manager?

A password manager stores unique passwords and helps you avoid dangerous password reuse.

FAQ

Why does this glossary sit next to breach pages?

Breach updates often use technical terms that are obvious to security teams but unclear for normal users. This glossary translates those terms into practical actions.

Does understanding terms reduce risk?

Yes. Better understanding helps users spot scams faster, prioritize the right account protections, and avoid low-value panic steps.