
Scam & Phishing Glossary

Plain-English definitions of the scam, phishing, and crypto-wallet-drainer terms that matter in 2026. Each term links to a full SafeBrowz explainer. SafeBrowz is a free browser extension for Chrome, Firefox, and Edge that blocks these threats in real time using a 3-layer detection engine.

Phishing

A fraud technique where an attacker impersonates a trusted brand, person, or service to trick you into handing over passwords, card details, or other sensitive data. It usually arrives as an email, text, or ad that links to a fake login or payment page that looks real but sits on the wrong domain.

How to tell if a website is a scam →

Smishing (SMS phishing)

Phishing delivered by text message. A smishing text poses as your bank, a delivery company, a toll authority, or a retailer and pushes you to tap a link that opens a credential-harvesting page. The short format and a fresh sender number make these hard for filters to catch.

How smishing works and how to stop it →

Vishing (voice phishing)

Phishing carried out over a phone call. A caller pretends to be your bank's fraud team, a government agency, or tech support, then uses urgency and authority to extract codes, passwords, or a payment. Caller ID can be spoofed, so a legitimate-looking number proves nothing.

The bank phone scam explained →

Wallet drainer

Malicious code on a phishing site that empties a crypto wallet once the victim connects it and signs a request. Instead of stealing a password, it tricks you into approving a transaction or token allowance that hands your assets to the attacker. Drainers are often rented as a service and sit behind fake airdrops, mints, and support pages.

The 2026 wallet drainer guide →

Pig butchering (sha zhu pan)

A long-con investment scam where the fraudster builds trust over weeks through a dating app or wrong-number text, then steers the victim into a fake crypto or trading platform. The balance appears to grow to encourage larger deposits, and the money vanishes when the victim tries to withdraw.

Pig butchering explained →

Typosquatting

Registering a domain that is a small misspelling of a real brand (for example an extra letter or a swapped character) to catch people who mistype a URL or skim a link. The lookalike site copies the real one and harvests logins or card details.

Spotting lookalike domains →

Homograph attack

A lookalike domain that swaps Latin letters for visually identical characters from other alphabets (such as a Cyrillic "a") so the address looks correct to the eye but resolves somewhere else. Browsers show these as Punycode, and brand-aware scanners flag the mixed-script trick.

How to verify a domain →

Permit2 signature attack

A crypto-wallet attack that abuses the Permit2 approval standard. Instead of a normal transaction, the site asks you to sign an off-chain message that grants a spender permission to move your tokens. The signature looks harmless but authorizes a drainer to transfer your assets later.

Permit2 attacks explained →

Address poisoning

An attacker sends a tiny or zero-value transfer from a wallet address that closely matches one you recently used, so it appears in your history. The hope is that next time you copy an address from history you grab the attacker's lookalike and send funds to them.

Address poisoning explained →

ClickFix

A social-engineering trick where a fake error or captcha tells you to "fix" the problem by copying a command and pasting it into a terminal or the Run box. Running it installs malware. The page never had a real error; the instruction is the attack.

The fake-captcha ClickFix scam →

Quishing (QR-code phishing)

Phishing that hides the malicious link inside a QR code on a poster, parking meter, email, or letter. Because a QR code is unreadable to the eye and usually opens on a phone with fewer safety cues, victims scan straight into a fake login or payment page.

The QR-code scam explained →

Whaling / Business Email Compromise (BEC)

A targeted scam aimed at executives or finance staff. The attacker impersonates a CEO, supplier, or lawyer and requests an urgent wire transfer or a change of bank details. There is often no malicious link at all, just a convincing email, which is why it slips past filters.

The CEO wire-transfer scam →

Seed phrase (recovery phrase)

The list of 12 or 24 words that backs up a self-custody crypto wallet. Anyone who has it controls the wallet completely. No legitimate wallet, exchange, or support agent will ever ask for it, so any page or person requesting your seed phrase is a scam.

If your seed phrase is stolen →

Pastejacking

An attack where a website silently replaces what you copy so that the text pasted from your clipboard is not what you copied. It is used to swap a crypto address, inject a malicious command, or alter a payment detail at the moment of paste.

Pastejacking explained →

Clone phishing

The attacker takes a real email you already received, copies it almost exactly, and resends it with the links or attachments swapped for malicious ones. Because the message matches something genuine, it is far more convincing than a cold phishing email.

Clone phishing explained →

Spear phishing

A phishing attack tailored to one specific person using details gathered from social media or data leaks. The personalization (your name, role, recent activity, or contacts) makes it far more believable than mass phishing.

How spear phishing targets you →

Evil twin (Wi-Fi)

A rogue Wi-Fi hotspot named to look like a legitimate network, such as an airport's or cafe's free Wi-Fi. Once you connect, the attacker can intercept traffic and show fake login or payment pages to capture your credentials.

The airport Wi-Fi scam →

Browser-in-the-browser (BitB)

A trick that draws a fake browser pop-up window, complete with a fake address bar showing a real domain, entirely inside the web page. The "Sign in with Google" window you see is not a real browser window; it is drawn by the phishing site, which captures whatever you type into it.

The BitB attack explained →

Tabnabbing

An attack where a background tab you already opened quietly rewrites itself into a fake login page while you are looking elsewhere. When you return to the tab, it looks like a session that timed out and asks you to sign in again.

Tabnabbing explained →

MFA fatigue (push bombing)

After stealing your password, the attacker triggers a flood of multi-factor approval prompts to your phone, hoping you tap "approve" out of annoyance or by mistake. One accidental approval lets them in.

MFA fatigue explained →

AiTM (adversary-in-the-middle)

A phishing setup that relays your login through a proxy to the real site in real time, capturing not just your password but the session cookie issued after MFA. With that cookie the attacker is signed in even though you completed two-factor authentication.

How AiTM bypasses 2FA →

Watering hole attack

Instead of targeting you directly, the attacker compromises a legitimate website that a specific group of people is known to visit, then waits for victims to arrive and get infected. The trusted site is the trap.

Watering hole attacks explained →

Angler phishing

An attacker poses as a brand's customer-support account on social media, replying to people who complain publicly and luring them into a fake support flow or payment. It exploits the trust people place in an official-looking support handle.

Fake support-account phishing →

Search-engine phishing (malvertising)

Attackers buy search ads for a brand name so a fake site ranks above the real one for high-intent queries. Clicking the sponsored result lands you on a lookalike login or download page. Skipping ads and clicking the first organic result avoids most of these.

Google Ads phishing explained →

Deepfake fraud

Fraud that uses AI-generated video or audio to impersonate a real person, such as a fake video call from a CEO or a relative. The synthetic likeness is convincing enough to authorize a payment or pull information out of the victim.

The deepfake video-call fraud →

Voice cloning

An AI technique that copies a person's voice from a short audio sample, then uses it in a phone call or voice message to impersonate a family member or executive, usually to demand urgent money. A few seconds of someone's voice online is enough.

The voice-cloning scam explained →

Romance scam

A scam where the fraudster builds a fake romantic relationship online to gain trust over weeks, then asks for money or steers the victim into a fake investment. It is often the doorway into a pig-butchering crypto scam.

Romance to crypto scam explained →

Tech support scam

A scam where a fake pop-up, call, or page claims your device is infected and offers "support" that actually installs remote-access software or charges for fake fixes. Real companies never cold-call you about a virus.

The fake Microsoft support scam →

Scareware (fake virus pop-up)

A fake security warning, usually a full-screen browser pop-up, that claims your device is infected to panic you into calling a number, downloading software, or paying. The warning itself is the scam; nothing actually scanned your device.

The fake virus warning explained →

Malicious app (fake APK)

A fake mobile app, often a bank or wallet clone, distributed outside the official app store as an APK file. Once installed it steals logins, intercepts one-time codes, or drains accounts in the background.

The fake bank app scam →

One-time-code phishing (OTP theft)

A scam that tricks you into sharing the one-time verification code sent to your phone, letting the attacker take over an account or messaging app. No real service ever asks you to read back a code you just received.

The 6-digit code takeover scam →

Fake browser update

A page or pop-up that claims your browser is out of date and prompts you to install an "update" that is actually malware. Browsers update themselves; they never ask you to download an update from a random website.

The fake Chrome update scam →

Fake software download

A scam that advertises a popular app or tool, often through a search ad, and serves a tampered installer that bundles malware or an info-stealer instead of the real software. The site looks official but the download is poisoned.

The fake AI-tool download scam →

Job scam

A fake job offer that asks for an upfront payment, a deposit for equipment, or your banking and identity details before you start. Legitimate employers never ask new hires to pay to begin work.

The fake remote-job scam →

Task scam

A scam disguised as easy paid online tasks, such as liking videos or rating products, that pays small amounts at first, then demands a deposit to unlock bigger "earnings" that never arrive.

The task scam explained →

Airdrop scam

A crypto scam offering free tokens to lure you to a "claim" site that asks you to connect a wallet and sign a request, which approves a drainer instead of sending you anything. The free tokens are the bait.

An airdrop scam case study →

SIM swap

An attack where the fraudster convinces your mobile carrier to move your number to their SIM, intercepting your calls and SMS one-time codes to break into accounts that rely on phone-based verification.

SIM-swap fraud explained →

Block all of these automatically

SafeBrowz is a free extension for Chrome, Firefox, and Edge that checks every URL against a 550+ brand database before the page renders, using a 3-layer engine (Local + APIs + AI). Premium AI deep scan is $14.99 per year.
