Scam glossary
The language of fraud explained simply: phishing, smishing, spoofing, money mules, sextortion and the other terms worth knowing.
Understanding the vocabulary of fraud helps you spot it faster. Here are the terms you will come across most often, explained simply.
Phishing
Phishing means impersonating a trusted organisation in order to extract information or money from you. The message imitates a bank, a delivery company or a government body. See our guide to email and SMS phishing and the message analyser.
Smishing
Smishing is phishing by SMS. The fake parcel notice or the bogus fine are typical examples. The channel changes, but the trap stays the same.
Vishing
Vishing is phishing by voice, over the phone. A fake bank adviser or a fake technical support agent calls to put you under pressure. See phone scams.
Spoofing
Spoofing is the forging of a technical identity: a phone number, an email address or a displayed sender name that looks legitimate while being falsified. This is why a familiar number never guarantees the caller's identity.
Typosquatting
Typosquatting means registering a domain name very close to a well known brand, with a typo or a different extension, to deceive the eye. The link checker helps you detect it.
Pharming
Pharming redirects a victim to a fake website even when they type the correct address, by corrupting domain name resolution. Rarer, but formidable.
Money mule
A mule is a person who, sometimes unknowingly, receives then transfers money obtained through fraud. Fake job offers often recruit mules. See job scams.
Sextortion
Sextortion is a form of blackmail: the scammer claims to hold intimate images and threatens to release them unless paid. Often, they have nothing. See the romance scam.
Ransomware
Ransomware encrypts your files and demands a ransom to unlock them. Prevention relies on backups and caution with attachments.
Skimming
Skimming is the copying of bank card data using a device fitted to a cash machine or a payment terminal. See banking scams.
Carding
Carding refers to the fraudulent use of stolen card numbers, often tested on small purchases before larger operations.
419 fraud
The 419 fraud, known as the Nigerian scam, promises a large sum (an inheritance, a partnership) in exchange for advance fees that lead nowhere. The number refers to an article of law.
SIM swapping
SIM swapping means having your mobile number transferred to a SIM card controlled by the scammer, in order to intercept the codes received by SMS. Prefer app based two factor authentication.
Two factor authentication
Two factor authentication (2FA) adds a second proof to your password, for example a code generated by an app. It blocks most account takeovers, even if the password has leaked. Test your passwords with our checker.
IBAN
The IBAN identifies a bank account. A valid IBAN is not necessarily that of a trustworthy person. Its structure can be checked with the IBAN checker.
Social engineering
Social engineering manipulates the victim through trust, urgency or fear rather than through technology. It is the heart of nearly every scam. When in doubt, take the quick test.