Glossary
The phishing & awareness glossary.
Plain-language definitions of the terms you'll meet across PhishSpot — and across security awareness in general.
- Phishing simulation
- A safe, authorized fake phishing email sent to your own employees to measure and build their ability to spot real attacks.
- Landing page
- The page a recipient reaches after clicking a simulated phishing link — used to record the click and, optionally, to teach.
- Merge tag
- A placeholder like a recipient's first name or company that PhishSpot fills in per person, making each simulation feel personal.
- Funnel
- The stages a simulation moves through: Sent → Delivered → Opened → Clicked → Submitted → Trained, plus Replied — so you can see exactly where people drop off.
- Click rate
- The share of recipients who clicked the simulated link. One of the core signals of human risk.
- Risk score
- A 0–100 score (Low, Medium, High, Critical) summarizing how susceptible a person, group or account is over time.
- Autopilot
- PhishSpot's automation that runs continuous programs — it selects a language-matched template, schedules by intensity, and an optimizer tunes timing and difficulty.
- Sequence
- A branching, multi-touch phishing journey where the next step depends on what the recipient did.
- Secured domain
- A platform-managed domain used to host simulations and landing pages safely, separate from your production domains.
- BYOD (Bring Your Own Domain)
- Using your own sending domain for simulations; PhishSpot auto-provisions SPF, DKIM and MX and runs hourly health checks.
- SPF / DKIM
- Email authentication records that prove a message is sent from an authorized server, so simulations reach the inbox instead of spam.
- Whitelist (allowlist)
- Configuration that lets simulation emails bypass filters. PhishSpot exports it in 10 formats, including Microsoft 365, Google Workspace, Mimecast and Proofpoint.
- Awareness page
- A page shown after a click that explains the person just fell for a simulation and how to spot the next one.
- Teachable moment
- The instant right after someone clicks, when a short lesson lands best — PhishSpot trains people then and there.
- Report inbox
- Where messages employees report as suspicious are collected, so security teams can triage real threats and reward good reporting.
- MCP (Model Context Protocol)
- An open standard that lets AI assistants call PhishSpot directly. PhishSpot exposes around 60 MCP tools alongside its REST API.
- Webhook
- An HTTP callback that pushes campaign events to your systems in real time, signed with HMAC-SHA256 and retried up to five times.
- Multi-tenant
- Architecture that keeps every customer account fully isolated, so data is never shared across organizations.
- Deliverability
- How reliably simulation emails reach the inbox — driven by domain setup, authentication and reputation.
- Post-click action
- What happens after a click: a course, an awareness page, a redirect, a message page, or nothing.
Put the terms into practice
Book a demo or start in the platform and run your first simulation — the glossary makes a lot more sense once you've seen the funnel move.

