Phishing: Fraudulent bid to gain user names, passwords, and other sensitive information by appearing as a trusted source, usually in e-mails or instant messages.
Spear-phishing: Customized version of phishing directed at specific people, such as senior executives in companies. It might be a fake e-mail sent in the name of a boss to an associate.
Trojan horse: Computer program that seems to perform a useful function but instead aids unauthorized access to a network. They are often activated by links in fake e-mails.
Zero-day spyware: Program that is used to hack into a system on or before the first day engineers have developed software to thwart it.
“Level 3” threat: State-sponsored teams of experts that breach a system using a variety of artful tools. The goal is often long-term infiltration.