Security Glossary
Clear definitions for the link risk and trust signals you see around CheckLink.
Blacklist
A list of known risky domains, URLs, senders, or indicators.
Brand impersonation
Pretending to represent a known brand online.
Disposable email
A temporary email address used for short-term communication.
DKIM
DomainKeys Identified Mail, an email authentication method that signs messages with a domain key.
DMARC
Domain-based Message Authentication, Reporting, and Conformance, an email policy signal built on SPF and DKIM alignment.
Domain impersonation
Using a domain that appears related to a brand without being official.
Email header
Technical metadata attached to an email message.
Explainability
The ability to understand why a tool produced a signal or result.
False negative
A risky or malicious link that is not flagged.
False positive
A safe or acceptable link that is flagged as risky.
Feature engineering
Turning raw details into useful signals for review or scoring.
Homoglyph
A character that looks similar to another character.
HTTPS
An encrypted connection between a browser and a website.
Human-in-the-loop
A workflow where a person reviews or interprets automated signals.
Lookalike domain
A domain designed to resemble another brand, product, or official website.
Malware link
A URL that leads to a malicious download, exploit, or installation prompt.
Manual review
Human review of a link, report, or listing context.
Message-ID
A unique identifier header usually generated by the sending mail system.
Official link
A URL a business recognizes as one of its real customer-facing destinations.
Phishing
A deceptive attempt to steal information or money by pretending to be a trusted person or service.
Punycode
An encoded form used for internationalized domain names.
QR phishing
Using QR codes to hide phishing links.
Quick report
A printable summary generated from automated scanner results.
Quishing
QR phishing that uses a QR code to send people to a risky destination.
Redirect chain
A sequence of one or more redirects between the first URL and the final destination.
Reply-To
The email header that tells mail clients where replies should be sent.
Reputation signal
Context about whether a URL, domain, or sender is known or trusted elsewhere.
Return-Path
The email address used for bounce handling and delivery feedback.
Risk score
A numeric estimate based on available signals.
Security signal
A single clue that helps estimate risk.
Smishing
Phishing delivered through SMS or text messages.
SPF
Sender Policy Framework, an email authentication signal that checks whether a sending server is authorized for a domain.
SSL certificate
A certificate used to support encrypted HTTPS connections.
Suspicious link
A URL that has signals or context that make it worth checking before clicking.
Trust page
A public page that explains listing, ownership, or link context for a product or business.
Trust signal
A clue that helps users judge whether a link, site, or listing deserves more confidence.
Typosquatting
Registering domains that look like misspellings of real brands.
URL redirect
A server instruction that sends a browser from one URL to another.
Vishing
Voice-based phishing or scam calls.