Online Scams and Cyber Threats: Glossary

A to Z glossary of most common online scams and cybersecurity threats.

This A–Z glossary makes it easy to locate and learn about the most common online scams and cybersecurity threats.  Each entry is followed by a short and clear definition.  This list is designed to help parents, educators, and everyday internet users stay safe and informed.  To read more about each one, Google It! 🙂

A

  • Ad Fraud:   Scam where fake clicks or views are generated to steal advertising money.
  • Advance-Fee Scam:   Fraud promising large sums of money in return for an upfront payment.
  • Adware:   Software that forces unwanted ads onto a user’s device.
  • ATM Skimming:   Device placed on ATMs to steal card information and PINs.
  • Account Takeover:   Criminals gain unauthorized control of an online account.
  • AI-Powered Phishing:   Scams using AI to create realistic fake emails or messages.

B

  • Bait-and-Switch:   Advertising one product but delivering something inferior.
  • BEC (Business Email Compromise):   Targeted scam tricking companies into transferring money.
  • Bitcoin Scam:   Fraud using fake crypto investments or wallets to steal funds.
  • Blackmail Scam:   Criminals threaten to release private info unless payment is made.
  • Bluetooth / Smart Device Exploits:   Eavesdropping, device hacking, BlueBorne vulnerabilities.
  • Botnet:   Network of infected computers controlled remotely for attacks or spam.
  • Brute Force Attack:   Automated guessing of passwords until access is gained.
  • Browser Hijacker:   Malicious software that redirects searches or changes homepage settings.

C

  • Catfishing:   Creating a fake online identity to deceive victims.
  • Charity Scam:   Fake charities collect donations that never reach the cause.
  • Click Fraud:   Bots or people click ads repeatedly to drain advertiser budgets.
  • Clone Phishing:   Fake copy of a legitimate email used to trick users.
  • Credential Stuffing:   Using stolen login details across multiple websites.
  • Crypto Mining Malware:   Hidden software that hijacks devices to mine cryptocurrency.
  • Cryptojacking:   Unauthorized use of someone’s computer to generate cryptocurrency.
  • Credit Card Skimming:   Theft of card info via hidden readers at payment terminals.

D

  • Data Breach:   Unauthorized access and theft of sensitive information from a system.
  • Deepfake Scam:   AI-manipulated videos or audio used to impersonate people.
  • Denial-of-Service (DoS):   Attack that floods a system or website with traffic to make it unavailable.
  • Disaster Relief Scam:   Fake appeals for donations after natural disasters.
  • DNS Spoofing:   Redirecting internet traffic to fake websites by corrupting DNS records.
  • Drive-By Download:   Malware installed automatically when visiting an infected website.
  • Dumpster Diving:   Stealing sensitive data from discarded physical documents or hardware.

E

  • Eavesdropping Attack:   Unauthorized interception of private communication.
  • Email Spoofing:   Forged sender address in an email to trick recipients.
  • Event / Ticket Scams:   Fake ticket offers, fraudulent streaming services around events.
  • Elder Fraud:   Scams that specifically target older adults.
  • E-skimming:   Injecting malicious code into online stores to steal credit card details.
  • Exploit Kit:   Toolkits hackers use to find and exploit system vulnerabilities.
  • Extortion Scam:   Criminals demand payment by threatening harm or exposure.

F

  • Fake Antivirus Scam:   Fraudulent software that pretends to detect viruses to scare users into paying.
  • Fake Job Offer Scam:   Criminals trick victims with bogus employment opportunities to steal info or money.
  • Fake Tech Support Scam:   Fraudsters pose as IT staff, demanding payment to “fix” fake issues.
  • Fake Shopping Website:   Fraudulent e-commerce sites that steal payment information or never deliver goods.
  • Fitness App Scams:   Using of social fitness apps or trackers to gather info, build fake relationships, or push fraudulent products.
  • Formjacking:   Inserting malicious code into online forms to capture user data.
  • Friend Impersonation Scam:   Criminals impersonate friends on social media or email to request money.
  • Fraudulent Investment Scheme:   Promises of high returns with little risk, used to steal funds.

G

  • Gambling Scam:   Fake gambling sites rigged to steal money.
  • Gift Card Scam:   Criminals demand payment in gift cards to avoid traceability.
  • Gig Work Scam:   Fake freelance jobs that steal work or personal info.
  • Google Docs Phishing:   Fraudulent shared documents used to trick users into giving credentials.
  • Grandparent Scam:   Callers impersonate grandchildren in distress to steal money.

H

  • Hacktivism:   Cyberattacks carried out to promote political or social causes.
  • Honeypot Trap:   Fake system set up by hackers to lure victims.
  • Hoax Email:   False messages designed to scare or mislead recipients.
  • HTML Smuggling:   Hiding malware in harmless-looking web files.
  • Hybrid Attack:   Mix of brute force and dictionary attacks to guess passwords.

I

  • Identity Theft:   Criminals use stolen personal data for fraud.
  • Impersonation Scam:   Pretending to be someone else to commit fraud.
  • Infected Attachments:   Malware spread through files attached to emails.
  • Influencer Scam:   Fake social media personalities used to sell scams or steal data.
  • Invoice Fraud:   Fake bills sent to trick businesses into paying.

J

  • Jailbreaking Malware:   Malicious apps disguised as jailbreaking tools.
  • Job Scams:   False employment opportunities stealing personal or banking info.
  • Juice Jacking:   Malware installed through public USB charging stations.

K

  • Keylogger:   Malware that records keystrokes to steal login info.
  • Kidnap Scam:   Criminals falsely claim a family member is kidnapped to demand ransom.
  • Knowledge-Based Authentication Exploit:   Using stolen personal info to bypass security questions.

L

  • Loan Scam:   Fake lenders offering quick loans to steal fees or data.
  • Lottery Scam:   Victims told they won a lottery but must pay fees to claim.
  • Love Scam:   Romance-based scam exploiting emotional relationships for money.
  • Logic Bomb:   Malicious code triggered by specific conditions in a system.

M

  • Macro Virus:   Malware hidden in Office documents that executes malicious code.
  • Malvertising:   Online ads used to spread malware.
  • Man-in-the-Middle Attack (MITM):   Intercepting communication between two parties to steal data.
  • Money Mule Scam:   Criminals recruit people to launder stolen funds.
  • Mortgage Scam:   Fraud targeting homeowners with fake refinancing deals.
  • Mystery Shopper Scam:   Victims paid with fake checks and asked to send back real money.

N

  • Nigerian Prince Scam:   Classic advance-fee email fraud promising wealth.
  • Number Spoofing:   Faking caller ID to appear as a trusted number.
  • NFT Scam:   Fraud using fake or worthless digital collectibles to trick investors.
  • Non-Delivery Scam:   Buyers pay for goods or services that never arrive.

O

  • Online Dating Scam:   Fraudsters posing as romantic partners to exploit victims.
  • One-Time Password Theft:   Criminals steal or intercept temporary login codes.
  • Overpayment Scam:   Scammers send fake payments and demand refunds.
  • Overlay Malware:   Fake login screens placed over real apps to capture credentials.

P

  • Pagejacking:   Redirecting users from real websites to fake ones.
  • Password Spraying:   Trying common passwords across many accounts.
  • Payment App Scams:   Fraudulent requests or spoofed payment/banking apps, including app-store impersonation.
  • Payment Fraud:   Unauthorized use of payment methods to steal money.
  • Peer-to-Peer Scam:   Criminals exploit direct money transfer apps.
  • Pharming:   Redirecting website traffic to fraudulent sites.
  • Phishing:   Fake emails or sites tricking victims into sharing data.
  • Pig Butchering Scam:   Long-term romance/investment scam draining victims financially.
  • Ponzi Scheme:   Fraudulent investment paying returns with new investors’ money.
  • Pyramid Scheme:   Fraud relying on recruitment rather than real products.

Q

  • QR Code Scam:   Fake QR codes directing users to phishing or malware sites.
  • Quishing:   Phishing via malicious QR codes.
  • Quarantine Scam:   Fake health or pandemic-related fraud exploiting fear.

R

  • Ransomware:   Malware that encrypts files and demands payment for access.
  • Remote Access Trojan (RAT):   Malware giving attackers full control over a device.
  • Reshipping Scam:   Victims asked to forward stolen goods, becoming money mules.
  • Rogue Security Software:   Fake antivirus tools that demand payment.
  • Romance Scam:   Emotional manipulation to steal money under false relationship pretenses.
  • Rogue Wi-Fi Hotspot:   Fake wireless networks used to intercept data.

S

  • Scareware:   Software that tricks users into thinking they’re infected, demanding money.
  • SIM Swapping:   Criminals hijack phone numbers to steal accounts and 2FA codes.
  • Skimming:   Hidden devices steal card data at ATMs or POS machines.
  • Smishing:   Phishing attacks via SMS text messages.
  • Social Engineering:   Manipulating people into revealing confidential info.
  • Spear Phishing:   Highly targeted phishing aimed at specific individuals.
  • Spyware:   Malware that secretly monitors user activity.
  • Subscription Scam:   Hidden recurring charges after “free trials.”
  • Supply Chain Attack:   Infiltrating a vendor to target its customers.
  • Swatting:   False emergency calls sending police to a victim’s address.

T

  • Tech Support Scam:   Fraudsters claim to fix fake computer problems for money.
  • Trojan Horse:   Malware disguised as a legitimate program.
  • Typosquatting:   Registering misspelled domain names to trick users.
  • Two-Factor Authentication Bypass:   Exploiting weaknesses in multi-step verification.

U

  • Unemployment Fraud:   Criminals steal benefits by filing fake claims.
  • URL Phishing:   Malicious links that mimic trusted websites.
  • Unauthorized Access:   Entering systems or accounts without permission.
  • Unpatched Software Exploit:   Attacks exploiting outdated, unpatched programs.

V

  • Vaccine Scam:   Fraudulent health offers tied to vaccines.
  • Vishing:   Voice call phishing where scammers impersonate trusted sources.
  • Virus:   Malicious code that spreads across systems, often destroying data.
  • Voice Cloning Scam:   AI-generated voices impersonating people for fraud.
  • VPN Scams:    VPN services that steal user data.

W

  • W-2 Scam:   Criminals trick businesses into sending employee tax data.
  • Wailing Attack:   Targeted phishing against top executives.
  • Watering Hole Attack:   Infecting sites frequently visited by a target group.
  • Web Skimming:   Stealing credit card data from e-commerce checkout pages.
  • Worm:   Malware that spreads without human action, often across networks.

X

  • XSS (Cross-Site Scripting):   Injecting malicious scripts into trusted websites.
  • Xerox Scam:   Fraudulent printer/copier lease schemes tricking businesses.
  • XML Injection:   Malicious code inserted into XML documents to exploit apps.

Y

  • YouTube Monetization Scam:   Fake offers promising income for uploading videos.
  • Youth Targeting Scam:   Fraud aimed at teenagers via gaming or social apps.
  • Yield Farming Scam:   Fraudulent crypto projects promising unrealistic returns.

Z

  • Zero-Day Exploit:   Attacks using vulnerabilities before they are patched.
  • Zombie Bot:   Infected computer controlled remotely for cyberattacks.
  • Zoom Phishing:   Fake meeting links used to steal credentials.
  • Zelle Scam:   Criminals trick users into sending money through Zelle or similar apps.

Learn more about Scams and Cybersecurity Threats

Read about common scams to be aware of and prepare for.
Explore emerging online scams.

Share This Article
Safe Internet for Schools

Safe Internet for Schools

Google for Doodle Contest

Doodle for Google 2025

Online Coding for Kids

Online Coding Classes

STEM Education