
Gen Threat Glossary & Taxonomy

A no-jargon guide to cyberthreats
Threat Research Team
Published
May 27, 2025
Read time
6 Minutes

    Understanding cyberthreats can be complex, especially as tactics evolve and terminology expands. This blog is designed to make things easier. Here, you’ll find clear definitions and classifications of key threat types featured in our quarterly Gen Threat Reports. We keep it simple, sharp and rooted in what researchers across the Gen family of brands continue to discover in the wild.

    As threat insights evolve quarter over quarter, this resource will grow alongside them, helping journalists, analysts and curious minds stay informed while navigating the ever-changing threat landscape. Think of it as your fast, reliable reference to stay ahead of what’s out there. 

    • Adware (malware-based threat) 

      Adware threats refer to applications that display intrusive out-of-context adverts to users to generate fraudulent advertising revenue. In other words, adware is sneaky software that shows annoying pop-up ads to make money, often without you realizing where they’re coming from or why. These apps often mimic popular apps like games or camera filters and include stealthy features to avoid detection or removal.

    • Alert (threat indicator and metric) 

      An alert refers to any notification sent to a user’s app, within a given period, to warn the user about possible threats to their identity, money or personal information.

    • Bankers (malware-based threat) 

      Bankers are a sophisticated type of malware (and a subset of infostealers), designed to steal banking credentials, crypto wallets and payment information. Generally distributed through phishing messages or fake websites, Bankers can take over a victim's device by abusing the accessibility service. Once installed and enabled, they often monitor 2FA SMS messages and may display fake bank overlays to steal login information.   

    • Blocked Attack (threat indicator and metric) 

      A blocked attack means we stopped a specific threat from reaching a specific user during a certain period of time. 

    • Breach Event (data compromise threat) 

      A breach event is a security incident where unauthorized individuals gain access to personal or identity-related data, for example, an identity theft event.

    • Breached Record (data compromise threat) 

      A breached record is an individual instance of leaked data from a breach, such as an email, a password, your SSN, credit card number or IP address. 

    • Data-Stealing Threats (data compromise threat) 

      These threats focus on stealing valuable data from a device, including login credentials, cryptocurrencies, browser cookies, passwords and private documents. 

    • Dating Scams (scam-based threat) 

      Also known as romance scams or online dating scams, these scams involve scammers forming fake romantic relationships online to gain trust and extract money or enough personal data to commit identity theft. 

    • Financial Scam 

      This is a type of fraud where the attacker tricks you into giving them money or sensitive financial information (e.g., fake investment opportunities). 

    • Infostealers 

      This is malicious software that steals passwords, banking credentials, crypto wallet keys, and other sensitive information from your computer. 

    • Malicious Browser Push Notifications (scam-based threat) 

      Attackers exploit browser notification features by tricking users into enabling them, then sending harmful or misleading messages. 

    • Malvertising 

      Short for malicious advertising, malvertising is when hackers hide harmful software or links inside online ads, even on trusted websites. These ads might look normal, but clicking them (or sometimes just loading the page) can infect your device or steal your info. An example: You visit a news site and see a banner ad that looks like a software update or prize offer. If you click it, it might secretly install a virus or take you to a fake website that steals your passwords. You didn’t have to visit a sketchy site; the bad ad came to you.

    • Phishing (scam-based threat) 

      A type of online scam where fraudsters attempt to trick victims into providing sensitive data by impersonating trustworthy sources via emails, texts or fake websites. The fraudulent message usually contains a link to a fake website that looks like the real one, where the victim is asked to enter their sensitive information.   

    • Ransomware (malware-based threat) 

      Ransomware is any type of extorting malware. The most common subtype encrypts files (documents, photos, videos, databases) on a victim’s PC, making them unusable until they are decrypted. To decrypt the files, attackers demand money, a “ransom”, hence the term ransomware.

    • Remote Access Trojans (malware-based threat) 

      RATs are typically spread through social engineering techniques, such as phishing emails or infected file downloads. Once installed, RATs grant the attacker complete access to the victim's device, enabling activities like surveillance, data theft or spying via webcams. 

    • Risk Ratio (threat indicator and metric) 

      This metric denotes the severity of threats in a given country and is calculated as: 
      Number of attacked users / Number of active users (monthly average). Unless stated otherwise, risk ratios are only reported for countries with 10,000+ users per month. 

    • Scam-Yourself Attack (misleading) 

      This attack is a social engineering tactic where victims are tricked into unintentionally compromising their own security, often by entering real credentials or verification codes into a fake but convincing interface. For example, attackers might send you to a fake login page that looks real, and when you enter your code or password, they use it right away to get into your account.

    • Scams 

      A broad category of threats aimed at tricking victims into giving away personal information or money. We track diverse types of scams including but not restricted to: malicious browser push notifications, dating scams, tech support scams and phishing.

    • Spyware (malware-based threat) 

      Spyware is sneaky software that secretly watches what you do and steals personal info like your messages, photos, location, or passwords. It often spreads through fake ads, scam messages or tampered apps. Some advanced versions, used by governments, can even break into devices using hidden security flaws. 

    • Tech Support Scams (scam-based threat) 

      These scams involve fraudsters pretending to be legitimate tech support agents to gain remote access or steal personal and financial data. These scams rely on confidence tricks to gain victims' trust and often involve convincing them to pay for unnecessary services or purchase expensive gift cards. It's important for internet users to be vigilant and to verify the credentials of anyone claiming to offer technical support services.  

    Threat Research Team
    A group of elite researchers who like to stay under the radar.