Attack

/ˈspuːfɪŋ/

noun — "tricking systems or users into believing false data is real."

Spoofing refers to the act of falsifying or impersonating data, signals, or identities to deceive a target system or user. In computing and telecommunications, spoofing can occur in multiple forms, including IP address spoofing, GPS spoofing, email spoofing, and caller ID spoofing. The objective is often to bypass security measures, redirect traffic, gather sensitive information, or manipulate a system’s behavior.

/ˌɛks-ɛs-ˈɛs/

n. “Sneaky scripts slipping where they shouldn’t.”

XSS, short for Cross-Site Scripting, is a class of web security vulnerability that allows attackers to inject malicious scripts into web pages viewed by other users. Unlike server-side attacks, XSS exploits the trust a user has in a website, executing code in their browser without their consent or knowledge.

/ˌdiː-diː-ˈoʊ-ɛs/

n. “When too many people knock at once and the door falls off.”

DDoS, short for Distributed Denial of Service, is a type of cyber attack where multiple systems—often compromised computers, IoT devices, or botnets—flood a target server, network, or service with massive amounts of traffic. The goal isn’t necessarily to steal data or break encryption; it’s to overwhelm resources, disrupt normal operation, and make services unavailable to legitimate users.