Account Takeover (ATO)
Account takeover is when an attacker gains control of an account and uses it for fraud, scams, or persistence. Learn the common takeover paths and what matters during recovery.
Read term
Glossary
Terms
Short, practical explanations of the security terms used across our recovery guides.
Business Email Compromise (BEC)
Business email compromise is email-driven fraud that redirects payments or access through impersonation. Learn how BEC works, why it succeeds, and defensive verification controls.
Read term
Configuration Profile
A configuration profile on iPhone or iPad can install trusted settings, certificates, VPN, and management controls. Learn when profiles are normal and when to investigate.
Read term
Copyright Counter-Notice
A copyright counter-notice is a formal response to a takedown claim. Learn what it means, why timelines matter, and when to get legal advice.
Read term
Credential Stuffing
Credential stuffing is when attackers test stolen username/password pairs across many services. Learn how it works, why it succeeds, and defensive steps that reduce takeover risk.
Read term
Dark Web
The dark web is content accessible through anonymity networks like Tor. Learn what it is, how stolen data is traded, and what actions reduce real risk after exposure.
Read term
Data Breach
A data breach is unauthorized access to data. Learn what a breach means for your accounts, why reuse turns breaches into takeovers, and the recovery steps that matter most.
Read term
Deepfake
Deepfakes are AI-generated synthetic images, audio, or video used for impersonation and manipulation. Learn the common abuse patterns and safer verification habits.
Read term
DKIM (DomainKeys Identified Mail)
DKIM signs outgoing email so receivers can verify it was authorized and not modified in transit. Learn how DKIM fits with SPF/DMARC and why it matters for phishing defense.
Read term
DMCA Takedown
A DMCA takedown is a copyright-removal request sent to a platform, host, or search provider. Learn what it can remove, what it cannot, and key process risks.
Read term
Doxxing
Doxxing publishes private personal information such as address, phone, or workplace. Learn why it escalates recovery risk and the defensive steps that reduce exposure.
Read term
Incident Response Plan
An incident response plan defines how to detect, contain, and recover from security incidents. Learn the failure modes and what makes a plan actually usable.
Read term
Infostealer
Infostealers steal passwords, cookies, and sessions from your device, then attackers reuse them for account takeovers. Learn what to do first and what makes it worse.
Read term
Malware
Malware is software designed to harm systems or steal data. Learn what malware is, common misconceptions, and safe response steps that improve recovery outcomes.
Read term
MFA Fatigue
MFA fatigue floods you with push prompts until you approve one by mistake. Learn why it works, the warning signs, and defenses that reduce repeat takeovers.
Read term
Mobile Device Management (MDM)
Mobile Device Management (MDM) lets organizations enforce security policies on phones and tablets. Learn when it is normal, when it is risky, and what to check.
Read term
OAuth
OAuth lets apps access your account without sharing your password. Learn how connected apps can become a persistence path after compromise, and what to review during recovery.
Read term
Passkeys
Passkeys replace passwords with device-backed sign-in. Learn what passkeys are, why they reduce phishing risk, and what to do when passkeys create recovery edge cases.
Read term
Password Manager
Password managers store and generate unique passwords. Learn why they reduce credential stuffing risk, how they help detect phishing, and safe setup practices for recovery.
Read term
Password Spraying
Password spraying is when attackers try a small set of common passwords across many accounts. Learn how it differs from brute force and what defensive controls matter.
Read term
Phishing
Phishing uses messages and fake destinations to steal logins, sessions, or money. Learn the main variants, where defenses fail, and a verification process that works.
Read term
Quishing
Quishing uses QR codes to send you to a fake site or payment flow. Learn why QR attacks work on mobile, common traps, and a verification process that holds.
Read term
Ransomware
Ransomware is malware that encrypts systems and demands payment. Learn how ransomware operations work, common entry points, and the steps that reduce damage and speed recovery.
Read term
Security Keys
Security keys are hardware authenticators that protect logins against phishing. Learn how security keys work, common failure modes, and safe setup practices for recovery.
Read term
Session Hijacking
Session hijacking is when an attacker steals or reuses an authenticated session token. Learn how it happens, why password changes can fail, and defensive recovery steps.
Read term
Sextortion
Sextortion is blackmail using intimate images or sexual claims, real or fabricated. Learn the common tactics, what not to do, and how to protect your accounts.
Read term
Sideloading
Sideloading means installing apps outside official app stores. Learn practical tradeoffs, common abuse patterns, and safer defensive habits.
Read term
SIM Swapping
SIM swapping moves your phone number to an attacker-controlled SIM so they can intercept codes and reset accounts. Learn the failure modes and defenses that hold.
Read term
Smishing
Smishing is phishing delivered by SMS or messaging apps. Learn why it works on mobile, common scam patterns, and defensive steps that reduce account takeover risk.
Read term
Social Engineering
Social engineering uses impersonation and urgency to bypass normal verification. Learn how it works, common patterns, and defensive verification rules that reduce account takeover risk.
Read term
Spear Phishing
Spear phishing is targeted phishing that uses personal or organizational context to increase success. Learn how it differs from generic phishing and how to defend safely.
Read term
SPF (Sender Policy Framework)
SPF is an email authentication standard that helps receivers detect spoofed mail. Learn what SPF does, how it fails, and why it matters for phishing and impersonation defense.
Read term
Spyware
Spyware monitors device activity such as messages, location, and logins. Learn why spyware breaks recovery steps, common signs, and defensive ways to respond.
Read term
Stalkerware
Stalkerware is monitoring software installed without meaningful consent. Learn why it matters for account recovery, common warning signs, and safer response steps.
Read term
Two-Factor Authentication (2FA)
Two-factor authentication (2FA) adds a second proof of identity to logins. Learn what 2FA is, how it fails, and how to use it safely for account recovery.
Read term
Vishing
Vishing is phishing delivered by phone calls. Learn the common scripts attackers use, how verification fails, and defensive rules that reduce account recovery scams and fraud.
Read term
Zero-Day Vulnerability
A zero-day vulnerability is a software flaw that is unknown to the vendor or has no patch available. Learn what zero-days mean in practice and how to reduce exposure.
Read term