Головна Blog Ціни Про нас History API Extension

UK

IsThisAScam

Independent scam & phishing analysis. Free for individuals. APIs for developers.

Operated by Zeplik, Inc.

Продукт

Home
Blog
Pricing
Про нас
History
Chrome Extension

Resources

Developers
Документація API
Phishing brief
Romance scams
Tech support
Crypto scams
Apple scams
PayPal scams

Правова інформація

Політика конфіденційності
Умови використання
product@zeplik.com

© 2026 Zeplik, Inc. Усі права захищено.

Built for the calm, the cautious, and the careful.

Reference

Cybersecurity Glossary.

Plain-language definitions of every scam type, attack vector, and security concept you need to understand to stay safe online.

44 Terms

Advance Fee Fraud Baiting Botnet Brute Force Attack Business Email Compromise Catfishing Clickjacking Credential Stuffing Cryptocurrency Scam Dark Pattern Deepfake DKIM DMARC Identity Theft Keylogger Malware Man-in-the-Middle Money Mule Pharming Phishing Pig Butchering Ponzi Scheme Pretexting Ransomware Romance Scam Rug Pull Shoulder Surfing SIM Swapping Skimming Smishing Social Engineering Spear Phishing SPF Spoofing Spyware Tailgating Tech Support Scam Trojan Two-Factor Authentication Typosquatting Vishing Watering Hole Attack Whaling Zero-Day Exploit

Attack Vector

Fraudulent messages disguised as trusted sources to steal information.

Targeted phishing using personal information about the victim.

Spear phishing aimed at senior executives and high-value individuals.

Phishing via SMS text messages.

Phishing via phone calls (voice phishing).

Transferring a victim's phone number to steal 2FA codes.

Credential Stuffing

Using stolen passwords to break into accounts where they were reused.

Brute Force Attack

Systematically trying every password combination.

Man-in-the-Middle

Intercepting communications between two parties.

Disguising communications to appear from a trusted source.

Redirecting website traffic to fraudulent sites via DNS manipulation.

Registering misspelled domain names to catch typing errors.

Tricking users into clicking hidden elements on web pages.

Watering Hole Attack

Compromising websites frequented by a target group.

Stealing card data with hidden devices at ATMs and terminals.

Shoulder Surfing

Watching someone enter PINs or passwords in public.

Scam Type

Creating a fake online identity to deceive others.

Long-con combining romance and fake investment platforms.

Crypto developers abandoning a project and stealing investors' funds.

Using new investors' money to pay returns to earlier investors.

Advance Fee Fraud

Requiring upfront payment for a promised larger sum that never arrives.

Business Email Compromise

Fraudulent emails targeting businesses to authorize wire transfers.

A person who transfers stolen money on behalf of criminals.

Cryptocurrency Scam

Fraud exploiting crypto complexity to steal money.

Fake online relationships used to extract money from victims.

Tech Support Scam

Posing as tech support to charge for fake computer repairs.

Stealing personal information to commit fraud in someone's name.

Social Engineering

Social Engineering

Manipulating people into revealing information or taking harmful actions.

Creating a fabricated scenario to extract information.

Luring victims with tempting offers to compromise security.

Following authorized people through secured entrances.

Technical

Malware that encrypts files and demands payment for the decryption key.

Any software designed to damage or gain unauthorized access to systems.

Malware disguised as legitimate software.

Software or hardware that records keystrokes to steal passwords.

Software that secretly monitors and collects user activity data.

AI-generated fake videos, audio, or images of real people.

Deceptive UI design that tricks users into unintended actions.

Zero-Day Exploit

Attacking an unknown vulnerability before a patch exists.

Network of compromised devices controlled remotely by criminals.

Defense

Email authentication using digital signatures to verify the sender.

Email protocol specifying which servers can send for a domain.

Policy layer tying SPF and DKIM together for email authentication.

Two-Factor Authentication

Requiring two forms of ID to access an account.

Suspect Something?

Run a scan on the message you received.