CyberSpeak: The Top 40 Portmanteaus


Welcome to Blue Goat Blogs, your go-to destination for demystifying the complex world of cybersecurity! Today, we’re not just talking about cybersecurity; we’re exploring the fascinating realm of language within it. Specifically, we’ll be diving into the top 40 cybersecurity portmanteaus. These linguistic blends are not just quirky combinations of words; they represent key concepts in the digital security landscape. By understanding these terms, you’ll be better equipped to navigate the intricacies of cyber threats and defenses. So, let’s embark on this linguistic adventure and expand our cyber vocabulary!

1. Malware (Malicious + Software)

Malware is any software intentionally designed to cause damage to a computer, server, client, or computer network.

2. Phishing (Phone + Fishing)

A cybercrime in which a target or targets are contacted by email, telephone, or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data.

3. Ransomware (Ransom + Software)

A type of malicious software designed to block access to a computer system until a sum of money is paid.

4. Spyware (Spy + Software)

Software that enables a user to obtain covert information about another’s computer activities by transmitting data covertly from their hard drive.

5. Botnet (Robot + Network)

A group of Internet-connected devices, each running one or more bots, that can be used to perform Distributed Denial-of-Service (DDoS) attacks, steal data, and more.

6. Adware (Advertising + Software)

Unwanted software designed to throw advertisements up on your screen, most often within a web browser.

7. Infosec (Information + Security)

The practice of preventing unauthorized access, use, disclosure, disruption, modification, inspection, recording, or destruction of information.

8. Cyberwarfare (Cyber + Warfare)

Engaging in a computer- or network-based conflict that uses digital attacks against an enemy state.

9. Pen Test (Penetration + Test)

An authorized simulated attack on a computer system, performed to evaluate the security of the system.

10. Vishing (Voice + Phishing)

The criminal practice of using social engineering over the telephone system to gain access to private personal and financial information from the public for the purpose of financial reward.

11. Keylogger (Key + Logger)

A computer program that records every keystroke made by a computer user, especially in order to gain fraudulent access to passwords and other confidential information.

12. Rootkit (Root + Kit)

A set of software tools that enable an unauthorized user to gain control of a computer system without being detected.

13. Hacktivism (Hacking + Activism)

The act of hacking, or breaking into a computer system, for a politically or socially motivated purpose.

14. Cyberespionage (Cyber + Espionage)

The use or practice of obtaining secrets and information without the permission and knowledge of the holder of the information for advantage.

15. Smishing (SMS + Phishing)

A form of criminal activity using social engineering techniques through mobile phones involving text messages (or SMSes).

16. Clickjacking (Click + Hijacking)

A malicious technique of tricking a user into clicking on something different from what the user perceives, thereby potentially revealing confidential information.

17. Cryptomining (Cryptocurrency + Mining)

The process by which transactions are verified and added to the public ledger, known as the blockchain, and also the means through which new coins are released.

18. Netizen (Internet + Citizen)

An individual involved in online communities and a user of the internet, particularly one avidly involved in online social communities.

19. Doxxing (Documents + -ing)

The Internet-based practice of researching and broadcasting private or identifiable information about an individual or organization.

20. Bloatware (Bloat + Software)

Software that has unnecessary features that use large amounts of memory and RAM.

21. Cyberhygiene (Cyber + Hygiene)

The practices and steps that computer users take to maintain system health and improve online security.

22. Malvertisement (Malicious + Advertisement)

Online advertising used to spread malware.

23. Scareware (Scare + Software)

A form of malware which uses social engineering to cause shock, anxiety, or the perception of a threat, in order to manipulate users into buying unwanted software.

24. Spoofing (Spoof + -ing)

The dissemination of email which is forged to appear as though it was sent by someone other than the actual source.

25. Webinar (Web + Seminar)

A seminar conducted over the internet.

26. Netiquette (Internet + Etiquette)

The correct or acceptable way of communicating on the Internet.

27. Zombie (Zero + HomBIE)

A computer connected to a network that has been compromised by a hacker, computer virus, or trojan horse and can be used to perform malicious tasks under remote direction.

28. Man-in-the-Middle (Man + Middle)

A form of eavesdropping where communication between two users is monitored and modified by an unauthorized party.

29. Credential Stuffing (Credentials + Stuffing)

A type of cyberattack where stolen account credentials, typically consisting of lists of usernames and/or email addresses and the corresponding passwords, are used to gain unauthorized access to user accounts through large-scale automated login requests directed against a web application.

30. RAT (Remote Access + Trojan)

A type of malware that provides an attacker with remote control over an infected computer.

31. Sniffing (Snoop + Sniffing)

The act of intercepting data packets as they’re transmitted over a network.

32. Social Engineering (Social + Engineering)

The psychological manipulation of people into performing actions or divulging confidential information.

33. Hackback (Hack + Back)

The act of identifying attackers and launching counterattacks against them.

34. Cryptolocker (Cryptology + Locker)

A form of ransomware that encrypts a victim’s files and demands a ransom for the decryption key.

35. Whale Phishing (Whaling + Phishing)

Targeted phishing attacks directed specifically at senior executives and other high-profile targets.

36. Cyberkinetics (Cybernetics + Kinetics)

Referring to the integration of cyber systems with biological organisms, often in the context of prosthetics or enhanced human capabilities.

37. Cyberdeterrence (Cyber + Deterrence)

The strategy of preventing cyber attacks by threatening retaliation or demonstrating robust defensive capabilities.

38. Phreaking (Phone + Freaking)

The action of hacking into telecommunications systems, particularly to obtain free calls or interfere with network operations.

39. Whitelisting (White + Listing)

A security strategy that allows only pre-approved software to run on a system, as opposed to blacklisting, which blocks unauthorized software.

40. Spam (Spiced + Ham)

Irrelevant or inappropriate messages sent on the internet to a large number of recipients, typically for the purposes of advertising, phishing, spreading malware, etc.


In wrapping up our exploration of these 40 cybersecurity portmanteaus, it’s clear that the language of digital security is as evolving and dynamic as the field itself. Each term we’ve discussed opens a window into understanding the complexities of cyber threats and the innovative strategies developed to counter them. Remember, in the realm of cybersecurity, knowledge is more than just power – it’s your shield and sword against digital dangers.

Keep these terms in your cyber toolkit as you navigate the digital world. And remember, Blue Goat Blogs is always here to guide you through the labyrinth of cybersecurity with clarity and insight. Stay informed, stay secure, and let’s continue to make the cyber world a safer place, one term at a time!

Christian Espinosa
