Cybersecurity Glossary

Also referred to as “double-barreled” phishing, barrel phishing is a more sophisticated form of phishing that involves two emails. The first email—often referred to as the “bait email”—attempts to establish a relationship with the recipient or trick them into believing the sender is a trusted source. Once the recipient’s guard is lowered, they’re sent a follow-up email where the actual phishing occurs, usually in the form of malicious links.

Brute force refers to an attack that aims to gain unauthorized access to an account or encryption key. The attack method uses a trial-and-error approach in which hackers attempt to guess password combinations. Brute force attacks can be used to launch a host of malicious activities, such as harvesting data, spreading malware and ransomware, diverting website traffic, and more. While brute force attacks have existed for many years, they’ve grown more sophisticated with the aid of software that enhances the speed and accuracy of this kind of attack. Common protections against brute force attacks include anti-virus software, anti-phishing solutions, anti-malware and ransomware solutions, good cyber hygiene, and user awareness training.

Business Email Compromise (BEC) is a type of spear phishing attack in which a person impersonates a well-known contact of an employee in an attempt to have them transfer funds, reveal sensitive information, or carry out other harmful actions.