Phishing – Deceptive attempts to steal personal information via fake emails, messages, or websites.
Spear Phishing – A targeted phishing attack aimed at specific individuals or organizations.
Whaling – A type of spear phishing aimed at high-profile targets like CEOs or executives.
Smishing – Phishing attacks carried out through SMS (text messages).
Vishing – Phishing conducted over the phone (voice phishing).
Clone Phishing – An attack where a legitimate email is copied and altered with malicious links or attachments.
Spoofing – Faking an email address, phone number, or website to appear as a trusted source.
Payload – The harmful element (like malware) delivered in a phishing attack.
Malware – Malicious software designed to damage or steal information, often delivered through phishing.
Ransomware – A type of malware that locks users out of their systems or data until a ransom is paid.
Keylogger – Software or hardware that records keystrokes to steal sensitive information such as passwords or credit card numbers.
Pretexting – A social engineering attack where the attacker creates a fake scenario to steal personal information.
Baiting – Using the promise of a reward (like free software) to trick people into revealing personal information or installing malware.
Quid Pro Quo – An attack that offers something in exchange for information, like posing as tech support offering help in exchange for access credentials.
Impersonation – Pretending to be someone else to gain information, like posing as an employee or trusted partner.
Typosquatting – Registering domain names similar to legitimate sites to trick people into visiting fake websites.
Watering Hole Attack – Compromising a website frequently visited by a target group in order to infect its users with malware.
Credential Harvesting – Phishing attacks designed specifically to steal login credentials.
Man-in-the-Middle Attack (MITM) – Intercepting communication between two parties to steal or alter information.
Business Email Compromise (BEC) – A phishing attack that targets businesses to steal financial information or money.
Reconnaissance – The phase where an attacker gathers information about a target before launching a phishing or social engineering attack.
Shoulder Surfing – A technique where attackers watch over someone’s shoulder to gain personal information, such as passwords.
Social Engineering – Manipulating people into giving up confidential information or performing actions that may compromise security.