Definition of Terms
- Software that automatically displays or downloads advertisements (e.g., in pop-up windows or banners) on a computer after the software is installed, often without the user's knowledge or consent, or while the application is being used.
- Software that is designed to help protect a computer from viruses and other malicious software, including those that can destroy data, slow a computer's performance, cause a crash, or even allow spammers to send e-mail through a user's account.
- When referring to e-mail, an attachment is a file that is sent with the e-mail message. An attachment can be a picture, a Word document, a movie, a sound file, an Excel document, or any other special file that requires another program to open it. In addition to the files mentioned above, attachments may also contain computer viruses, Trojan horses, worms or other malware. Unless you were expecting an attachment from the user sending you the e-mail, it is recommended that you do not open the attachment, even if it is a friend sending the e-mail. Viruses and worms can use address books to help spread the virus and make it appear to be a valid e-mail.
- Similar to the real-world Trojan Horse, this attack uses physical media and relies on the curiosity or greed of the victim. The attacker leaves a malware-infected floppy disk, CD-ROM or USB flash drive in a location sure to be found (bathroom, elevator, sidewalk, parking lot), gives it a legitimate-looking and curiosity-piquing label, and simply waits for the victim to use the device.
- A stored web address for specified web sites that can be revisited easily without having to remember or retype the Internet address.
- Software that enables a user to find, view, hear and interact with material on the Internet. Popular browsers are Netscape Navigator and Microsoft Internet Explorer.
- A form of computer memory that allows a user to access stored information, such as web addresses recently typed into a browser, more quickly. Pronounced "cash."
- A Federal law that establishes standards for sending out promotional e-mail.
- The name given to a place or page on a web-site or online service where users can type messages which are displayed almost instantly on the screens of others who are in the "chat room."
- A small text file that a website can place on a computer's web browser to authenticate, track or maintain certain information about users of the site.
- A segment of Internet space, denoted by the function or type of information it includes; current domains include ".com" and ".net" for commercial sites, ".gov" for governmental sites, ".edu" for educational sites and ".org" for non-commercial organizations.
- To copy files from one computer to another; "Download" is also used to mean viewing a web site, or material on a web server, with a web browser.
DSL (Digital Subscriber Line)
- A means of accessing the Internet at high speed using standard phone lines.
- Hardware or software that restricts access to a computer based on a set of rules defined by the user. Firewalls may be used to help keep hackers from using a computer to send out personal information without the user's permission. Also known as "censorware" or "content-control software."
- Someone who uses the Internet to access computers without permission.
- The mechanical parts of a computer system, including the central processing unit, monitor, keyboard, and mouse, as well as other equipment like printers and speakers.
HTML (Hypertext Markup Language)
- A coding language used to create documents on the Internet and control how web pages appear.
HTTP (Hypertext Transfer Protocol)
- The standard language that computers connected to the World Wide Web use to communicate with each other.
- When a criminal obtains your personal information to steal money from your accounts, open new credit cards, apply for loans, rent apartments and commit other crimes, all using your identity. These acts can damage your credit, leave you with unwanted bills and cost you countless hours and frustration to clear your good name.
Instant Message (IM)
- Technology that enables users to engage in real-time communications by exchanging text messages.
IP (Internet Protocol) Address
- A unique address that certain electronic devices currently use in order to identify and communicate with each other on a computer network utilizing the Internet Protocol standard (IP)—in simpler terms, a computer address.
- Hardware or software that records each keystroke typed on a particular computer.
- A type of software program that has been intentionally designed to change a user's settings without his or her permission, delete a competing software program, cause a competing software program to stop working and/or leave a computer open to attacks.
- Software that allows a parent or caregiver to monitor the web-sites a child visits or e-mail messages he or she reads, without blocking access.
- Compiling information about consumers' preferences and interests by tracking their online movements and actions in order to create targeted ads.
P2P (Peer to Peer)
- An informal network that allows users to share music, games, software or other files with other users online.
- A web page that has been created to deceive users into believing that it is another company or web page. For example, a user may create a web page that appears to be a bank web page requesting a username and password for login. If the information is entered into the web page, it is captured by the person who created the page and used to gain access to the real page; in this example, to gain access to the user's bank account. Often these pages are reached through links sent in spam phishing e-mails that indicate a user's account has expired or been compromised, that information needs to be updated, etc.
- A fraudulent and criminal attempt, typically carried out through e-mail or instant messaging, to lure a user to fake websites where the user is asked to disclose confidential financial and personal information, like passwords, credit card account numbers or Social Security Numbers. Pronounced "fishing."
- See Vishing
Pop-up Messages or Advertisements
- Unsolicited advertising that appears as its own browser window.
- The act of creating and using an invented scenario (the pretext) to persuade a targeted victim to release information or perform an action; it is typically done over the telephone. It is more than a simple lie, as it most often involves some prior research or setup and the use of pieces of known information (e.g. for impersonation: date of birth, Social Security Number, last bill amount) to establish legitimacy in the mind of the target.
Quid pro quo
- Means something for something. An attacker calls random numbers at a company claiming to be calling back from technical support. Eventually they will hit someone with a legitimate problem, grateful that someone is calling back to help them. The attacker will "help" solve the problem and in the process have the user type commands that give the attacker access or launch malware.
Social Networking Sites
- Websites that allow users to build online profiles; share information, including personal information, photographs, blog entries and music clips; and connect with other users, whether it be to find friends or land a job.
- A computer program. System software, such as Windows or MacOS, operates the machine itself, and applications software, such as spreadsheet or word processing programs, provides specific functionality.
- Unsolicited commercial e-mail, often sent in bulk quantities.
- Someone who sends unsolicited commercial e-mail, often in bulk quantities.
- An e-mail spoofing fraud attempt that targets a specific organization, seeking unauthorized access to confidential data. As with the e-mail messages used in regular phishing expeditions, spear phishing messages appear to come from a trusted source. Phishing messages usually appear to come from a large and well-known company or website with a broad membership base, such as eBay or PayPal. In the case of spear phishing, however, the apparent source of the e-mail is likely to be an individual within the recipient's own company and generally someone in a position of authority.
- Software that may be installed on a computer without the user's consent to monitor use, send pop-up ads, redirect a computer to certain websites or record keystrokes, which could lead to identity theft.
- Software disguised to perform one legitimate action that actually performs another, often malicious, one, such as enabling unauthorized people to access the affected computer through a backdoor and sometimes to send spam from it.
- To copy or send files or data from one computer to another.
- A program that is attached to a file or program so it can spread from one computer to another, often without the user's knowledge and often through an e-mail attachment. Some viruses are programmed to be extremely damaging, while others are programmed to have annoying effects.
- This technique uses a rogue interactive voice response (IVR) system to recreate a legitimate-sounding copy of a bank or other institution's IVR system. The victim is prompted (typically via a phishing e-mail) to call in to the "bank" via an (ideally toll-free) number provided in order to "verify" information. A typical system will reject log-ins continually, ensuring the victim enters PINs or passwords multiple times, often disclosing several different passwords. More advanced systems transfer the victim to the attacker posing as a customer service agent for further questioning.
- An object that is embedded in a web page or e-mail and is usually invisible to the user but allows checking that a user has viewed the page or e-mail. One common use is in e-mail tracking (a.k.a. web beacon, tracking bug, pixel tag, 1 X 1 gif and clear gif).
Wi-Fi Protected Access (WPA)
- A security protocol developed to fix flaws in WEP (see below). Encrypts data sent to and from wireless devices within a network.
Wired Equivalent Privacy (WEP)
- A security protocol that encrypts data sent to and from wireless devices within a network. Not as strong as WPA encryption.
- A method of connecting a computer to other computers or to the Internet without linking them by cables.
- A program that reproduces itself over a network and can use up a computer's resources and possibly shut a user's system down. Unlike a virus, a worm does not need to attach itself to a file or program.