Fraudulent process of attempting to acquire private or confidential information by masquerading as a trustworthy entity in an electronic communication.
- NOTE Phishing can be accomplished by using social engineering or technical deception.
Source: ISO/IEC 27032:2015, Information technology — Security techniques — Guidelines for cybersecurity, First Edition, July 2012. Global Standards
A digital form of social engineering to deceive individuals into providing sensitive information.
Adapted from: NCSD Glossary, CNSSI 4009, NIST SP 800-63 Rev 1.
Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global Standards
Type of security attack that lures victims to reveal information, by presenting a forged email to lure the recipient to a web site that looks like it is associated with a legitimate source.
Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard