Glossary
BOTNET: A group of compromised computers infected with malicious software and controlled as a group without the owner's knowledge. Used to distribute spam or malware, or conduct DDoS attacks. If your computer runs sluggish or returns page errors when you visit an anti-virus site, you may have unknowingly become part of a botnet. If your IP address is detected as generating malware, you can be charged with a cybercrime whether or not you even knew about it. The best way to eliminate a botnet from an infected computer is to wipe the entire hard drive clean and perform a system restore. And hope that you have a good, clean backup dated prior to the compromise.
DISTRIBUTED DENIAL OF SERVICE (DDoS): Form of electronic attack involving multiple computers, which send repeated HTTP requests or pings to a server to load it down and render it inaccessible for a period of time.
MADWARE: Mobile malware. Security experts rank mobile threats as the fastest rising cybercrime faced today. Your mobile device needs the same level security used to protect your PC. Always, ALWAYS, lock your phone with a password or code to prevent unauthorized access. Your favorite anti-virus software is available for download as an app for whatever type device you use.
MALWARE: Software designed to infiltrate or damage a computer system without the owner's knowledge or consent. It is a blend of the words "malicious" and "software." It includes computer viruses, worms, trojan horses, spyware, adware and other malicious and unwanted software. Keep your operating system and anti-virus software patched and updated to protect yourself against malware threats.
PHARMING: Or "domain spoofing" is an attack in which a user can be redirected from a legitimate site to a fraudulent site and then fooled into entering sensitive data such as a password or credit card number. The fraudulent site often looks like the legitimate site; e.g. your bank. It is different from phishing in that the attacker does not have to rely on having the user click a link in an e-mail to deceive the user. Even if the user correctly enters a Web address into a browser's address bar, the attacker can still redirect the user to a malicious Web site.
PHISHING: Fraudulent e-mails, appearing to be from a trusted source such as your bank or credit card carrier, direct you to Web sites. Once there, you are asked to verify personal information such as name, account and credit card numbers, passwords and the like. These sites are often designed to look exactly like the site they are imitating. The information you provide is used to hijack your accounts and your identity. E-mails that warn you, with little or no notice, that your account will be shut down unless you reconfirm certain information, are very likely to be phishing. A newer tactic is to "confirm" personal credentials they supposedly have in their file, displaying false information. You call to correct the erroneous data and unwittingly provide them with the tools they need to steal your identity. NEVER follow a link or phone number provided in an email. Use a phone number or Web site address you know to be legitimate to check the source.
SCAREWARE: Software with malicious payloads sold to consumers. Victims are lured by fake ads warning of an infected computer, etc. Pop up ads trying to sell you anti-virus products are typically scareware.
SMISHING: Phishing attacks conducted via text messaging.
SPEAR PHISHING: Phishing attacks targeting targets specific entities holding whatever valuable information they seek. Typically, the crooks are looking for inside access to an organization's internal network. The target will receive an email appearing legitimate and click the link or open the attachment to unleash the malware. Some appear to contain confidential information the recipient believes was sent to them in error, and can’t resist the temptation to learn what’s inside. Others may alert you to account upgrades and ask login credentials to confirm continued access. Be aware of these tactics and avoid them, no matter how tempted you may be to respond. Take the time to confirm legitimacy before acting on them.
SPYWARE: Software that captures information from your computer such as browsing habits, usernames and passwords or credit card information. Current anti-virus software is your best prevention against spyware download.
TROJAN: Software programs that masquerade as regular games or utilities but harm your computer. Keep your anti-virus software and operating system patched and updated for your protection.
VIRUS: Small programs or scripts that harm your computer, causing it to cease functioning properly. This is old school – more of a threat in the early days of the Internet. Cybercrime has become quite sophisticated over the years. Once again, updated anti-virus software virtually eliminates this threat.
VISHING: Phishing attacks conducted over the telephone. The scammer will try to trick you into divulging personal information over the phone. Never provide your Social Security number, account numbers or passwords to anybody who contacts you unexpectedly. No matter what form of contact they may use. If you believe the call could be legitimate, contact the agency or company they claim to represent using a phone number that is known to you. Do not call a number they provide.
WORMS: Type of virus that replicates itself. Does not destroy files but can take up all available memory or had disk space by multiplying itself. It can cause your computer to run slowly or crash.
ZERO-DAY ATTACK: An attack or threat that exploits a security hole before or immediately after the vulnerability is known.
|