This glossary explains common cybersecurity terms used in phishing awareness and security training.
Phishing
A cyber attack where attackers send fake messages pretending to be trusted organizations.
Spear Phishing
A targeted phishing attack aimed at a specific person or organization.
Vishing
Voice phishing attacks conducted through phone calls.
Smishing
Phishing attacks delivered through SMS text messages.
Social Engineering
Manipulating people into revealing confidential information or performing risky actions.
Phishing Simulation
A training exercise where organizations send fake phishing emails to test employee awareness.
Click Rate
The percentage of employees who click links in a phishing simulation.
Reporting Rate
The percentage of employees who report suspicious emails.
Credential Harvesting
A phishing technique where attackers steal usernames and passwords through fake login pages.
Human Firewall
A term used to describe employees who recognize and report cyber threats.
Phishing Resilience Score
A metric used to measure how resistant an organization is to phishing attacks.