Phishing for Terms

Area 1 Security | @area1security

Here we find one word, aput, expressing SNOW ON THE GROUND; another one, qana, FALLING SNOW; a third one, piqsirpoq, DRIFTING SNOW; and a fourth one, qimuqsuq, A SNOWDRIFT.

Our security community has too many words. A proliferation of minute distinctions around various social engineering methods have left individuals and companies floundering through a web of extraneous linguistic semantics that create ambiguity and confusion.

Phishing, Spear Phishing, Spam, Whaling, Malvertising, Vishing, SMiShing

“Phishing” is an attempt to acquire access or information by masquerading as a trustworthy entity. It is the first phase in over 97% of cyber campaigns. The essential elements are luring an unsuspecting victim with bait (files to download, links to click, and forms to complete) in an attempt to acquire access or information. Neither the delivery method nor the target should be used to distinguish the attacks.

Phishing is not SPAM

SPAM is fraud and nothing more than an unwanted nuisance. Its worse offense is to clutter user inboxes with everything unwanted from Viagra advertisements to Nigerian princes with poor grammar. However, according to our research, nine out of 1 million messages to an organization are of a sophisticated and targeted nature as to cause damage that are phishing and not SPAM.

For an ever-growing and real-time glossary of today’s cybersecurity buzzwords, check out Area 1’s Cyber Glossary.