Call-based fraud is a cybersecurity attack in which fraudsters attempt to obtain personal information or money over the phone. Attackers often pose as bank employees or other trusted individuals to gain the trust of the targeted individuals and trick them into providing sensitive information, such as bank details or passwords.
Glossary
Click fraud is the artificial generation of clicks on internet advertisements to increase advertising revenue, hinder business competitors or collect data. It is usually carried out by automated bots pretending to be genuine enquirers.
Clickjacking is an attack where the user clicks on a seemingly harmless element without noticing, meanwhile, another hidden malicious element is activated. Attackers may place hidden buttons or links on a camouflaged interface that manipulates user interaction, for example, to perform financial transactions or change settings.
Pieces of data that are stored on your computer or, more specifically, in your browser software (Google Chrome, Mozilla Firefox, Microsoft Edge, etc.) by the websites you visit. Cookies allow you, for example, to return to a webshop page and see the product you viewed on your last visit first, or to keep products you have previously added to your shopping cart. They help websites to provide a personalised experience. Cookies are essential for the convenient functioning of the internet, but they can also be a source of security concerns, most notably in the case of 3rd party cookies (notably zombie cookies, of which multiple copies are stored in the browser and therefore "resurrect" even after deletion), which are used by marketers to track users' activity.
Credential stuffing is an attack where attackers use stolen, leaked usernames and passwords to attempt to mass login to various websites and applications using automated tools. As many users use the same credentials for multiple services, attackers exploit this practice to gain access to other accounts.
CSRF (Cross-Site Request Forgery) is an attack technique in which an attacker tries to trick a user into performing unwanted actions in a web application where the user is already logged in. (For example, if a user is logged in to his bank account and visits a malicious website in another browser window, the attacker can initiate a money transfer on behalf of the victim without the user's knowledge.)