The nature of cyber-attacks has changed dramatically in recent years. Over this period, there has been a rise in businesses experiencing phishing attacks (from 72% to 86%).
To counter this, users must become increasingly wise to the ways in which cyber criminals attempt to gain users’ information, and to the protective steps required, whether solution-based or policy-based. The first step is to understand the sheer amount of jargon and cyber-crime terminology. We’ve provided a list of phrases to help you better understand cyber-crime. Here is Vissensa’s guide to cyber security terms and definitions.

Most Common Cyber Security Terms and Definitions


Malware

A general umbrella term that describes all forms of malicious software – specifically designed to damage, disrupt or gain unauthorized access to a computer system or network. This can include viruses and ransomware.


Ransomware

A form of malware designed to prevent users from accessing files on a computer – holding data hostage. It will typically encrypt the files on the device and request that a ransom be paid to have them decrypted or recovered. Recent ransomware attacks include companies like Acer, Northern Rail, and even the NBA!


Phishing

Phishing is when cyber criminals trick you into disclosing personal or financial information by pretending to be a legitimate source. Similar to how fishermen cast a line with bait attached, these scammers send out seemingly legitimate e-mails, hoping to catch you off guard.

Cyber criminals often create a phishing campaign with entire websites and links customised to look like official banks or businesses so they can gain your trust and lower your guard. In many cases, a phishing email can install malware without you even entering any credentials.

Spear Phishing

How do spear phishing attacks differ from standard phishing attacks? Similar to phishing, this also involves a cyber-criminal trying to gain personal information while pretending to be a legitimate source. However, the targets of this approach are often specific and well-researched, and the attack can even be carried out by someone you know! The specificity of this approach often means a user believes the contact to be from someone they know.

Whaling (aka CEO Fraud)

A whaling attack is when cyber criminals pose as a senior member of an organisation, directly targeting employees by making communications appear as though they have come from the “big phish” or “whales” of the organisation, such as the CEO. Modern whaling is conducted with the aim of stealing money or sensitive information, or gaining access to the organisation’s computer systems for criminal purposes.

For more information on phishing and how to protect yourself from this increasingly common attack, check out our free data security guide!

Social Engineering

Social engineering fraud is the psychological manipulation of people in the hope of gaining access to their confidential information. Attackers use deceptive means to manipulate the individuals they prey upon. The most common form of social engineering is phishing, where users are manipulated into believing the bait or content of the email.

Identity Theft

Identity theft often occurs when a “bad actor” pretends to be you to access resources such as credit cards, bank accounts and services. Social media identity theft is growing increasingly common. However, this isn’t always done digitally and can happen simply by your credit card falling into the wrong hands.

Email Bombing/Spamming

Email bombing is when a cyber-criminal (or email bomber) sends large volumes of email to a target address, resulting in the victim’s email account or mail servers crashing. “Spamming” is a variant of email bombing where unsolicited bulk messages are sent to many users. Additionally, opening links given in spam emails could lead you to phishing websites.


Hacking

Hacking refers to the actual act of an intruder accessing a user’s computer system without permission. Hackers are usually experts in one particular piece of software, program or language and commonly misuse this knowledge for personal gain.

Trojan Horse

A program that seems innocent and harmless, but contains code designed to discreetly access information or computer systems without the user’s knowledge.

While this only begins to scratch the surface of cyber security terms and definitions, it should provide you with a foundation to help your understanding of the basic terms. If you’re looking for more information on how to best protect your business against cyber threats, check out our data security and backup page.
