Phishing & Scampilot dictionary

Glossary.

The key terms around phishing protection and our product docs - in plain language, without jargon. Cross-references to the docs where it helps.

A
Alias
A forwarding email address attached to a Scampilot account. Each account has exactly one primary alias and any number of burner aliases.
related: Burner-Alias, Primary-Alias
API-Token
Bearer token authenticating the REST API and MCP server. Each token has a name and ability scopes (scan:create, reports:read). Tokens can only be copied once at creation.
Audit-Log (Activity log)
Append-only log of all privileged account actions (token created, alias changed, report deleted). Visible at /settings/security/audit. Not editable.
Compliance: GDPR Art. 5 (2) (accountability)
B
Burner-Alias
A non-primary alias. Can be deactivated or deleted at any time. Useful for assigning one address per family member.
C
CEO-Fraud (Business Email Compromise, BEC)
A spear-phishing variant where the sender impersonates an executive (CEO, CFO) and requests an urgent wire transfer.
Confidence (Confidence score)
A number from 0 to 100 the AI model assigns to its own verdict. Below 60, Scampilot escalates to a more precise model.
D
DPA (Data Processing Agreement)
Contract under GDPR Art. 28 between controller and processor. Required when a third party processes personal data on your behalf.
E
Escalation
A second AI call triggered when the first pass returns confidence below 60. Uses a larger model. The escalation result wins - no infinite recursion.
Eval-Set (Eval dataset)
30 hand-labelled fixtures, 10 each safe / warn / danger. Measured on every CI run; must stay above 85 %. Current hit rate: 100 %.
G
GDPR (General Data Protection Regulation)
European personal-data protection law, in force since May 2018. Scampilot is GDPR-compliant: hashed IPs, one-click data export, tombstone deletion cascade.
H
Heuristic fallback
Rule-based backup that takes over when the AI provider is unreachable. The report is flagged with model_used = "heuristic-fallback".
M
MCP (Model Context Protocol)
Open standard letting AI assistants like Claude or Cursor invoke external tools. Scampilot exposes an MCP server with tools scan_text, scan_url, scan_email.
O
OpenAPI (Swagger)
Standard for describing REST APIs. Scampilot's OpenAPI 3.1 spec is live at /docs/api, generated from PHP annotations - always current.
P
Phishing
Fraud attempt via email aiming to extract credentials or install malware. Often disguised as messages from banks, agencies, or couriers.
related: Smishing, Spear-Phishing, CEO-Fraud
Primary-Alias
The first alias, auto-created at registration. Cannot be deactivated or deleted - only the entire account can.
Q
Quota (Rate-Limit)
Maximum checks per day. Anonymous: 3/day per hashed IP. Logged-in: 2880/day per user. Multiple API tokens share the same bucket - no quota multiplication via token sharding.
R
Report
The analysis result for a submission. Contains verdict, confidence, plain-language summary, signals, recommended actions, model used, and token spend.
Reputation
URL classification by external databases - currently Google Safe Browsing v4 and PhishTank. Queried before the AI pass; cached for 24 hours.
S
Scam
Umbrella term for fraud. In Scampilot context, often synonymous with phishing, but broader: also investment scams, romance scams, tech-support scams, "grandchild trick" cons.
Signal
A single observed cue inside a submission, e.g. "credential request detected". Six stable signal keys: urgency, credential_request, suspicious_link, lookalike_brand, payment_demand, external_reputation.
Smishing
Phishing via SMS. Often disguised as parcel-delivery notices ("Your parcel is waiting, pay €1.99 customs") or bank warnings.
Spear-Phishing
Targeted phishing attack on a specific person, often with real personal details. Hard to spot because each message is bespoke.
Submission
A single request to Scampilot. Six sources: paste, inbound_email, api, mcp, telegram, extension. Each submission produces exactly one report.
T
Tombstone
The only audit entry that remains after account deletion. No personal data - just a pseudonymized user hash and the timestamp.
Compliance: GDPR Art. 17 + Art. 5 (2)
V
Verdict
One of three fixed values: safe, warn, danger. Symbol + colour + word - never colour alone.
related: Confidence