Glossary

The vocabulary of modern fraud.

Quick definitions for the terms that show up in our reports, blog, and dashboards.

Brand Impersonation: Using a real brand's name, logo, or look-and-feel without authorization to deceive customers.
DMARC: An email authentication standard that lets a domain owner control which servers can send mail on its behalf.
IOC (Indicator of Compromise): An artifact — URL, IP, hash, certificate — observed in an attack that can be used to detect or block future activity.
Phishing Kit: A bundle of pre-built code and assets used by criminals to spin up new phishing sites quickly.
Preemptive Disruption: Neutralizing criminal infrastructure before it's used in a live attack.
Smishing: Phishing delivered via SMS text messages.
Takedown: The process of getting a malicious asset (site, account, app) removed by its hosting provider or platform.
Typosquatting: Registering domains that are common misspellings of a brand to capture mistyped traffic.