This glossary explains common cybersecurity terms used in phishing awareness and security training.
Phishing
A cyber attack in which attackers send fake messages that impersonate trusted organizations.
Spear Phishing
A targeted phishing attack aimed at a specific person or organization.
Vishing
Voice phishing attacks conducted through phone calls.
Smishing
Phishing attacks delivered through SMS text messages.
Social Engineering
Manipulating people into revealing confidential information or performing risky actions.
Phishing Simulation
A training exercise where organizations send fake phishing emails to test employee awareness.
Click Rate
The percentage of employees who click links in a phishing simulation.
Reporting Rate
The percentage of employees who report suspicious emails.
Credential Harvesting
A phishing technique where attackers steal usernames and passwords through fake login pages.
Human Firewall
A term used to describe employees who recognize and report cyber threats.
Phishing Resilience Score
A metric used to measure how resistant an organization is to phishing attacks.