Category: Phishing & Social Engineering

Phishing & Social Engineering

Browse threats in this category, plus related secure app guides and AI security pages. Each threat page focuses on how the risk shows up in the browser and what isolation changes.

At a glance

5 threats in this category
Last updated: 2026-01-29

Common themes

phishing
credentials
identity
deception
login
access tokens
consent
email

Threats in Phishing & Social Engineering

Fake login pages

A fake login page is a lookalike sign-in screen designed to capture usernames, passwords, and MFA codes for a real service.

OAuth consent phishing

OAuth consent phishing tricks a user into granting a malicious app access to their account through a legitimate-looking consent screen.

Phishing

Phishing is when an attacker tricks someone into revealing credentials or approving access—often through a convincing message that sends them to a fake login page.

QR code phishing (quishing)

QR code phishing (“quishing”) uses a QR code to hide a malicious URL that opens a browser link on a phone or workstation.

Spear phishing

Spear phishing is targeted phishing that uses personal or company context to make the message and link feel legitimate.

Keep exploring

All guides

Threats, secure apps, and AI security pages.

All browser threats

Browse threats by category and intent.

Secure apps directory

Secure browsing guides for top SaaS apps.

AI security guides

Prevent AI prompt leakage and prompt injection.