Plain-English definitions for the terms used across cybersecurity, privacy, and digital security.
A sophisticated, long-term cyberattack typically carried out by nation-state actors targeting specific high-value organizations.
A company that collects and sells personal information from public records, social media, surveys, and other sources.
The portion of the internet accessible only through Tor or similar software. Hosts both legitimate privacy tools and illicit activity.
Publishing private information about an individual online, typically with malicious intent.
Encryption where only the communicating parties can read the messages — not the service provider.
When someone uses your personal information without permission, typically for financial gain.
A security method requiring two or more verification factors to access an account.
A VPN provider's commitment to not record users' browsing activity, connection logs, or IP addresses.
Open Source Intelligence — collecting and analysing information from publicly available sources.
A social engineering attack using deceptive emails or messages to steal credentials or install malware.
Manipulating people into revealing confidential information or performing actions that compromise security.
An additional security layer requiring a second form of verification beyond just a password.
Virtual Private Network — encrypts your internet connection and masks your IP address from websites and your ISP.
Encryption where the service provider cannot access or read your data — only you hold the keys.
Our top picks are tested, ranked, and ready. Click below to see our best recommendations.