Glossary
Spear phishing
A tailored phishing attack that targets a specific person with information about them to appear credible.
Spear phishing is targeted phishing: instead of a mass send, the attacker aims at one particular person. They use true details (their job, their colleagues, a current project) to make the message convincing. When it targets a director to obtain a transfer, it is called CEO fraud.
See also
Attack surfaceThe set of possible ways in for an attacker: exposed services, accounts, devices, and even people.VPNAn encrypted tunnel that protects your connection between your device and a remote network.Zero-dayA flaw still unknown to the vendor, and therefore with no patch: attackers can exploit it before any defence exists.Zero trustA security approach that trusts no one by default and verifies every access.