Threat Search

This glossary lists terms you may come across when reading about online security and threats. If you find a term you don't recognize, check here to find out what it means. Bookmark this page as a quick and handy reference.

  1. Advanced persistent threats (APTs)

    A targeted cyberespionage or cybersabotage attack that is usually sponsored by a nation state with the goal of stealing information from an organization. The motivation behind an advanced persistent threat is to gain information for military, political, or economic advantage.

  2. Adware

    Software that automatically plays, displays, or downloads advertisements to a computer, often in exchange for the right to use a program without paying for it. The advertisements seen are based on monitoring of browser habits. Most adware is safe to use, but some can serve as spyware, gathering information about you from your hard drive, the websites you visit, or even your keystrokes. Certain types of adware have the capability to capture or transmit personal information.

  3. Android (droid)

    Google's brand name for its Linux-based operating system for mobile devices (smartphones and tablets).

  4. Antispam

    A type of application that defends against the threats that spam poses (such as viruses, phishing attempts, and denial-of-service attacks) and reduces the amount of spam entering an email system.

  5. Antivirus software

    A type of software that scans a computer's memory and disk drives for viruses. If it finds a virus, the application informs the user and may clean, delete, or quarantine any files, directories, or disks affected by the virus. The term antimalware is preferred because it covers more threats.

  6. ATM skimming

    A type of fraud or theft that occurs when an ATM is compromised with a skimming device. A card reader that can be disguised to look like a part of the machine. The card reader collects victims' account information and personal identification numbers (PIN).

  7. AutoUpdate

    The program that automatically updates McAfee software with the latest detection definition (.DAT) files and scan engine.

Back to Top
  1. Backdoor

    Computer programmers often build backdoors into software applications so they can fix bugs. If hackers or others learn about a backdoor, the feature may pose a security risk. It can also be referred to as a trap door.

  2. Backup

    A backup is a duplicate copy of data made for archiving purposes or for protection against damage and loss. A backup is usually kept physically separate from the originals for recovery when originals are damaged or lost.

  3. Black hat hackers

    Hackers who gain unauthorized access into a computer system or network with malicious intent. They may use computers to attack systems for profit, for fun, for political motivations, or as part of a social cause. Such penetration often involves modification and/or destruction of data, as well as distribution of computer viruses, Internet worms, and delivery of spam through the use of botnets.

  4. Blacklist

    A list of known sources of unwanted email used for filtering spam. A blacklist can also be a list of websites that are considered to be dangerous because they exploit browser vulnerabilities or send spyware and other unwanted software to users.

  5. Blended threat

    A general description for malicious programs that combine elements of multiple types of malware: viruses, worms, Trojans, etc.

  6. Bluetooth

    A wireless technology commonly used to wirelessly link phones, computers, and other network devices over short distances. It can also be used to exchange data over short distances.

  7. Bot

    Short for "robot," a computer that has been infected with malicious software without the user's knowledge. Once the computer has been affected, a cybercriminal can send commands to it and other infected machines over the Internet. Since the compromised computers blindly follow the commands of the cybercriminals, infected machines are also called zombies.

  8. Botnet (bot network)

    Short for "robot network," a botnet is a network of hijacked computers controlled remotely by a hacker. The hacker can use the network to send spam and launch Denial of Service (DoS) attacks, and may rent the network to other cybercriminals. A single computer in a botnet can automatically send thousands of spam messages per day. The most common spam messages come from zombie computers.

  9. Browser hijacker

    A type of malware that alters your computer's browser settings so that you are redirected to websites that you had no intention of visiting. Most browser hijackers alter browser home pages, search pages, search results, error message pages, or other browser content with unexpected or unwanted content.

  10. Brute-force attack

    A hacking method used to find passwords or encryption keys by trying every possible combination of characters until the correct one is found.

  11. Bug

    An unintentional fault, error, failure, or mistake in a software program that can produce an incorrect or unexpected result or cause a program to behave in unintended ways.

Back to Top
  1. Cache

    Pronounced like "cash," a cache stores recently used information in a place where it can be accessed extremely fast. Computers have a disk cache; this stores information that the user has recently read from the hard disk. Web browsers also use a cache to store the pages, images, and URLs of recently visited websites on the user's hard drive. When users visit web pages that they have been to recently, the pages and images don't have to be downloaded again.

  2. Caller ID spoofing

    This is the practice of causing the telephone network to display a false number on the recipient's caller ID. A number of companies provide tools that facilitate caller ID spoofing. Voice over Internet Protocol (VoIP) has known flaws that allow for caller ID spoofing. These tools are typically used to populate the caller ID with a specific bank or credit union, or just with the words "Bank" or "Credit Union."

  3. Carding

    A technique used by thieves to verify the validity of stolen card data. The thief will use the card information on a website that has real-time transaction processing. If the transaction is processed successfully then the thief knows the card is still good. The purchase is usually for a small amount to avoid using the card's limit and to avoid attracting the attention of the card owner.

  4. Cellular network

    A radio network that is distributed over land areas called cells. Each cell is associated with a radio transceiver, when the cells are joined together they can provide radio coverage over a wide geographic area allowing mobile phones to communicate with each other.

  5. Child identity theft

    When a thief steals the identities of children to use for fraudulent financial transactions. It can take years before the theft is discovered, often the victims discover this when they engage in their first financial transactions. The dangers associated with child identity theft include damaged credit and income tax liability.

  6. Cloud computing

    Cloud computing refers to applications and services that are offered over the Internet. These services are offered from data centers around the world that collectively are referred to as the "cloud."

  7. Contactless payment

    A noncash payment transaction that doesn't need a physical connection between the payment device, which can be a number of things ranging from traditional plastic cards to mobile phones, and the physical point-of-sale terminal (for example, a cash register).

  8. Cookie

    Small amounts of data generated by a website and saved by your web browser. Websites use cookies to identify users who revisit their sites, and are most commonly used to store login information for a specific site. When a server receives a browser request that includes a cookie, the server can use the information stored in the cookie to customize the website for the user. Whenever a user checks the box "Remember me on this computer," the website will generate a login cookie once the user successfully logs in. Each time users revisit the site, they may only need to enter their password or may not need to login at all. Cookies can be used to gather more information about a user than would be possible without them.

  9. Crimeware

    Malicious software such as viruses, Trojan horses, spyware, and other programs used to commit crimes on the Internet including identity theft and fraud.

  10. Criminal identity theft

    When a criminal fraudulently identifies himself to police as another individual at the point of arrest. In some cases criminals have previously obtained state-issued identity documents using credentials stolen from others, or have simply presented fake identification.

  11. Cyberbullying

    Bullying that takes place in cyberspace. This includes the Internet and mobile phone communication. It may involve harassing, threatening, embarrassing, or humiliating someone online.

  12. Cybercrime

    A criminal activity done using computers and the Internet. This can take many shapes and forms, such as downloading illegal music files to stealing money from online bank accounts. Cybercrime can also include nonmonetary offenses, such as creating and distributing viruses. One of the most prominent cybercrime offenses is when cybercriminals use the Internet to steal personal information from others and commit identity theft.

  13. Cybercriminals

    Cybercriminals are hackers, crackers, and other malicious users who use the Internet to commit crimes such as identity theft, PC hijacking, illegal spamming, phishing and pharming, and other types of fraud.

  14. Cybergangs

    Cybergangs are groups of hackers, crackers, and other cybercriminals that pool their resources to commit crimes on the Internet. Organized crime is often involved in cybergang activity.

  15. Cybersquatting

    Registering, trafficking in, or using a domain name with malicious intent to profit from the goodwill of a trademark or brand name belonging to someone else. The cybersquatter then offers to sell the domain to the person or company who owns a trademark contained within the name at an inflated price. Cybersquatters also sometimes register variations of popular trademarked names as a way of distributing their malware.

Back to Top
  1. DAT files

    Also known as a data file, these files are used to update software programs, sent to users via the Internet. .DAT files contain up-to-date virus signatures and other information antivirus products use to protect your computer against virus attacks. .DAT files are also known as detection definition files and signatures.

  2. Data

    A broad term to describe information that has been translated into a form that is more convenient to move or process.

    Data can be in the form of text documents, images, audio files, software programs, and many more forms. Data can be processed on a computer or a mobile device, such as a mobile phone or tablet.

  3. Defacement

    A change made to the home page or other key pages of a website by an unauthorized individual or process, usually unknown to the website owner.

  4. Default password

    The password on a system when it is first delivered or installed.

  5. Denial of service (DoS)

    An attack specifically designed to prevent a system from functioning properly as well as denying access to the system by authorized users. Hackers can cause denial-of-service attacks by destroying or modifying data or by overloading the system's servers until service to authorized users is delayed or prevented.

  6. Dialers

    Dialers include software programs that redirect Internet connections to a party other than the user's default ISP and are designed to run up additional connection charges for a content provider, vendor, or other third party.

  7. Dictionary attack

    Method of breaking into a password-protected computer, mobile device, or online account by entering every word in a dictionary as a password.

  8. Distributed denial of service (DDos)

    A type of denial-of-service (DoS) attack in which more than one traffic generator directs traffic to a targeted URL. Traffic-generating programs are called agents, and the controlling program is the master. DoS agents receive instruction from a master to carry out an attack, which is designed to disable or shut down the targeted URL.

  9. Domain name

    This is a name that identifies a website; for example, is the domain name of McAfee's website. Each domain name is associated with an IP address. Domain names are used in URLs to identify particular web pages.

  10. Downloading

    This is the process in which data is sent to your computer. Whenever you receive information from the Internet, you are downloading it to your computer. For example, you may have to download an update for your web browser. The opposite of this process, is sending information to another computer is called uploading.

  11. Drive-by download

    A program that is automatically downloaded to your computer without your consent or even your knowledge. It can install malware or potentially unwanted programs merely by your viewing an email or website.

  12. Dropper

    This is an executable file, created specifically to introduce a virus, worm, or Trojan on a computer system.

  13. Dumpster diving

    The practice of sifting through commercial or residential trash in the hopes of finding information to steal or commit fraud.

Back to Top
  1. Encryption

    Encryption is a security method of coding or scrambling data so that it can be decoded or read only by authorized users. This is commonly used to secure websites, online purchases, and other transactions.

  2. Executable file (.exe)

    A type of computer file that when opened runs a program or series of instructions contained in the file. These types of files have the potential to be dangerous since they run code when opened, and are often used by cybercriminals to distribute viruses, malware, and spyware.

  3. Exploit

    A piece of software that takes advantage of a bug, glitch, or design flaw in software in order to cause unintended or unanticipated behavior on computer software. This can include gaining control of a computer system, changing access privileges, or denying access or resources to users.

Back to Top
  1. False negative

    An error that occurs when antivirus software fails to detect that an infected file is truly infected. False negatives are more serious than false positives, although both are undesirable. False negatives are more common with antivirus software because they may miss a new or a heavily modified virus.

  2. False positive

    An error that occurs when antivirus software wrongly claims that a virus is infecting a clean file. False positives usually occur when the string chosen for a given virus signature is also present in another program.

  3. Firewall

    A piece of hardware or software that is designed to block unauthorized access while permitting authorized communications. It is configured to permit or deny network transmissions based upon a set of rules. They are designed to protect the network's resources from users on other networks.

Back to Top
  1. Geolocation

    Term used to describe the capability to detect and record where you and other people are located. Geolocation information can be obtained in a number of ways, including using data from a user's IP address, MAC address, RFID, Wi-Fi connection location, or GPS coordinates.

  2. Geotagging

    Process of adding geographical identification data to various types of media, such as a photograph or video taken with your camera or mobile device. This data usually consists of latitude and longitude coordinates, and they can also contain altitude, bearing, distance, and place names.

  3. Global positioning system (GPS) software

    Software that is based on a satellite navigation system that provides location and time information anywhere on the Earth where there is a clear line of sight from the device that the software is being used on to four or more GPS satellites.

    New mobile phones have this software and can calculate the position of the device by using signals received from multiple GPS satellites. Mobile phone users can use the software to see where they are located on a map, route them to a desired location, and show them different routes to reach their destination.

  4. Gray hat hackers

    Skilled hackers who sometimes act legally, sometimes in good will and sometimes not. They are a hybrid between white and black hat hackers. They usually do not hack for personal gain or have malicious intentions, but may or may not occasionally commit crimes during the course of their technological exploits.

Back to Top
  1. Hacker

    A broad term for a person who uses programming skills and technical knowledge to create and modify computer software and hardware by finding weaknesses and exploiting them, including computer programming, administration, and security-related items. Hackers can be motivated by a number of reasons both positive and negative, such as profit, protest, or challenge. Criminal hackers create malware in order to commit crimes. See also: malware, cybercriminals, cybergangs.

    In the early days of computing, hacker was a term used to describe a programmer who had a curiosity and appreciation of programs and systems and how they worked. Over time, however, the term gained a negative connotation and began to refer to someone who uses the knowledge to break into other people's systems to steal information and cause havoc. We also call programmers who use their skills for harm "crackers."

  2. Hole

    A vulnerability in the design software and/or hardware that allows the circumvention of security measures.

  3. Host

    A term often used to describe the computer file to which a virus attaches itself. Most viruses run when the computer or user tries to use the host file.

  4. Hotspot

    A hotspot is a site that offers Internet access over a wireless connection. Hotspots typically use Wi-Fi technology and are generally found in coffee shops and various other public locations.

  5. Hyperlink (link)

    A clickable word, phrase, or image on a website that once clicked takes the user from one web page to another, or to another resource on the Internet. They are typically underlined or set apart by a different color. When you move your cursor over a hyperlink, whether text or image, the arrow should change to a small hand pointing at the link.

Back to Top
  1. In the wild (ITW)

    A virus is "in the wild" (ITW) if it is verified as having caused an infection outside a laboratory situation. Most viruses are in the wild and differ only in prevalence.

  2. Infected

    This term refers to the condition of a file after a virus, spyware, or malware has inserted malicious code into it. Computer systems are infected if a virus or Trojan is installed and running on that system. Static malware, such as viruses and Trojans with entirely malicious code, is also said to be infected. If a potentially unwanted program is installed on a system, the system is not considered infected, even though there may be other consequences.

  3. Infection

    Infection is the action a virus carries out when it enters a computer system or storage device.

  4. Information harvesters

    People who supply stolen data but do not necessarily use it to commit fraud. The information obtained by harvesters is sold to criminal networks that trade the information in Internet back alleys.

  5. International Mobile Equipment Identity (IMEI)

    A number 15 or 17 digits in length that is unique to each mobile phone and tablet. It is used to identify users on the Global System for Mobile Communications (GSM) and the Universal Mobile Telecommunications System (UMTS). It is usually found printed inside the battery compartment of the phone. If a mobile phone is lost or stolen, the owner can call the network provider and instruct them to blacklist the phone based on the IMEI number and make it useless on the network.

  6. International Mobile Subscriber Identity (IMSI)

    A unique identification associated with all Global System for Mobile Communications (GSM) and Universal Mobile Telecommunications System (UMTS) network mobile phone users. The IMSI is a unique number identifying a GSM subscriber stored inside the subscriber identity module (SIM).

  7. Internet Protocol (IP) address

    An IP address is a unique numerical label assigned to a device, such as a computer or other device on a network, including the Internet. IP addresses allow computers, routers, printers, and other devices to identify one another to communicate.

  8. IOS

    Apple's brand name for its mobile operating system.

Back to Top
  1. Jailbreaking

    Process of removing limitations imposed by Apple on devices running the iOS operating system (iPhone, iPad, and iPod). Users do this to gain root access to the operating system to be able to install apps obtained through means other than the official App Store. While this can allow the user greater control of what is installed on the device, it can also cause data corruption and make the device less secure.

Back to Top
  1. Keylogger (keystroke logging)

    Software that tracks or logs the keys struck on a keyboard, typically in a covert manner so that the person using the keyboard is unaware that their actions are being monitored. This is usually done with malicious intent to collect information including instant messages, email text, email addresses, passwords, credit card and account numbers, addresses, and other private data.

Back to Top
  1. Location-based services (LBS)

    A service accessible by mobile devices that uses information on the geographical position of the mobile device. Applications like this can help locate the nearest coffee shop or ATM, receive a warning about a nearby traffic jam, or see an ad for a local sale or promotion.

Back to Top
  1. Mail bomb

    An excessively large email (typically many thousands of messages) or one large message sent to a user's email account. This is done to crash the system and prevent genuine messages from being received.

  2. Malicious app

    A mobile application (app) disguised as a legitimate app that can contain viruses, worms, Trojan horses, malware, spyware, or any other items that may harm user devices or personal data. Once a malicious app is downloaded, it can wreak havoc in multiple ways including sending text messages to premium-rate numbers, taking control of the infected device, and downloading the user's contact lists. Cybercriminals distribute malicious apps through legitimate app stores like Google Play by masquerading as a legitimate app.

  3. Malicious code

    A piece of code designed to damage a system and the data it contains, gather sensitive information, gain unauthorized access, or to prevent the system from being used in its normal manner.

  4. Malvertising

    This is usually executed by hiding malicious code within relatively safe-looking online advertisements. These ads can lead a victim to unreliable content or directly infect a victim's computer with malware, which may damage a system, access sensitive information, or even control the computer through remote access.

  5. Malware

    A generic term used to describe any type of software or code specifically designed to exploit a computer or the data it contains, without consent. Malware includes viruses, Trojan horses, spyware, adware, most rootkits, and other malicious programs.

  6. Media access control (MAC) address

    A hardware identification number that is a unique code assigned to every piece of hardware that connects to the Internet. This includes Internet-capable phones, network interface cards for desktop and notebook computers, wireless access cards, and even some memory cards. The MAC address is manufactured into every network card, such as an Ethernet card or Wi-Fi card, and can't be changed.

  7. Medical identity theft

    This occurs when someone uses a person's name and sometimes other parts of their identity—such as insurance information—without the person's knowledge or consent to receive benefits such as treatments, prescriptions, or other medical services in another person's name. The dangers of medical identity theft include being denied health coverage, or being given the wrong treatment. (The doctor could be given the wrong medical history, such as a different blood type.)

  8. Mobile browser

    A web browser that is designed and optimized to display content on a mobile device. Mobile browsers are used on mobile devices to browse the Internet, just as a web browser is used on a computer.

  9. Mobile data usage

    Mobile service providers have data plans that allow users to access the Internet (including sending and receiving email, using apps and GPS) anywhere a mobile phone signal can be accessed. Data plans are based on the number of gigabytes (GBs) of data that are uploaded and downloaded from the Internet per month via a smartphone or a tablet.

  10. Mobile malware

    Software with a malicious purpose that commonly performs actions without a user's knowledge. It may be designed to disable your phone, remotely control your device, send unsolicited messages to the user's contact list, make charges to the user's phone bill, or steal valuable information. Mobile malware uses the same techniques as PC malware to infect mobile devices.

  11. Mobile payment

    An alternative payment where a consumer can use their mobile phone to make a payment, instead of using cash or credit cards. This is sometimes referred to as a mobile wallet.

  12. Mobile phone spam

    Also known as SMS spam, text spam, or mobile spamming. Mobile phone spam is unsolicited and generally unwanted commercial advertisements that are sent to a user's mobile phone by way of text messaging.

  13. Multimedia messaging service (MMS)

    A standard way to send messages that includes multimedia content to and from mobile phones. The most popular use is to send photos, but it can also be used for delivering videos, text pages, and ringtones.

Back to Top
  1. Near-field communications (NFC)

    A set of standards for smartphones and similar devices to establish radio communication with each other by touching them together or bringing them into close proximity, usually no more than a few inches or centimeters. This technology is currently being used for contactless payment transactions and data exchange.

  2. Network

    A network can consist of two or more computers, mobile devices (phones and tablets), gaming devices, Internet connected TVs, etc. connected to each other. Networks can be connected by cables or wirelessly. The purpose of a network is to share files and information.

Back to Top
  1. Password attack

    An attempt to obtain or decrypt a user's password for illegal use. Hackers can use cracking programs, dictionary attacks, and password sniffers in password attacks. Defense against password attacks is rather limited but usually consists of a password policy including a minimum length, unrecognizable words, and frequent changes.

  2. Password cracker

    Software designed to enable a user or administrator to recover lost or forgotten passwords from accounts or data files. In the hands of an attacker, these tools offer access to confidential information and are a security and privacy threat.

  3. Password sniffing

    The use of a sniffer (software or a device that monitors a network and makes a copy of data sent over a network) to capture passwords as they cross a network. The network could be a local area network, or the Internet itself.

  4. Password stealer (PWS)

    Malware specifically used to transmit personal information, such as usernames and passwords.

  5. Payload

    The "cargo" code in a virus rather than the portions used to avoid detection or replicate. The payload code can display text or graphics on the screen, or it may corrupt or erase data. Not all viruses contain a deliberate payload. However, these codes affect CPU usage, hard disk space, and the time it takes to clean viruses. Payload can also refer to the data or packets sent during an attack.

  6. Peer-to-peer (P2P) networking

    A distributed system of file sharing in which any computer on the network can see any other computer on the network. Users can access each others' hard drives to download files. This type of file sharing is valuable, but it brings up copyright issues for music, movies, and other shared-media files. Users are also vulnerable to viruses, Trojans, and spyware hiding in files.

  7. Personally identifiable information (PII)

    Any information that, by itself or when combined with other information, can identify an individual.

  8. Pharming

    The process of redirecting traffic to a fake website, often through the use of malware or spyware. A hacker sets up a fraudulent website that looks like a legitimate website in order to capture confidential information from users.

  9. Phishing

    A form of criminal activity using social engineering techniques through email or instant messaging. Phishers attempt to fraudulently acquire other people's personal information, such as passwords and credit card details, by masquerading as a trustworthy person or business in an apparently official electronic communication. Typically, phishing emails request that recipients click on the link in the email to verify or update contact details or credit card information. Like spam, phishing emails are sent to a large number of email addresses, with the expectation that someone will act on the information in the email and disclose their personal information. Phishing can also happen via text messaging or phone.

  10. Piggyback

    The practice of gaining unauthorized access to a system by exploiting an authorized user's legitimate connection without their explicit permission or knowledge.

  11. Potentially unwanted program (PUP)

    Often legitimate software (nonmalware) that may alter the security state or the privacy of the system on which they are installed. This software can, but not necessarily, include spyware, adware, keyloggers, password crackers, hacker tools, and dialer applications and could be downloaded in conjunction with a program that the user wants.

Back to Top
  1. Quarantine

    The isolation of files that are suspected of containing a virus, spam, suspicious content, or PUPs. Quarantined files cannot be opened or executed.

  2. Quick response (QR) code

    Quick response (QR) codeA two-dimensional code that can be scanned with a QR barcode reader or a camera-enabled smartphone with QR reader software. Once a QR code is scanned, it can direct a user to just about anything: a web page, call a phone number, or an SMS text message. QR codes provide organizations with a quick and easy way to direct their customers to online content. QR codes are often found in magazines, product packaging, on advertisements, online, and in other marketing collateral.

Back to Top
  1. Radio-frequency identification (RFID)

    A generic term to describe a system that transmits the identity (in the form of a unique serial number) of an object or person wirelessly using radio waves.

  2. Ransomware

    Malicious software created by a hacker to restrict access to the computer system that it infects and demand a ransom paid to the creator of the malicious software for the restriction to be removed. Some forms of ransomware may encrypt files on the system's hard drive, while others may simply lock the system and display messages to coax the user into paying.

  3. Redirect

    A method used to direct someone or something to a different place than was intended. Cybercriminals can use these to route a legitimate website's traffic to a counterfeit website.

  4. Remote administration tool (RAT)

    Software designed to give an administrator remote control of a system. Hackers can install malicious RAT software on a computer without the user's knowledge and take control of it remotely without the user's knowledge. RATs can be installed by opening an infected attachment, clicking links in a popup window, or through any other software that poses as legitimate.

  5. Replication

    The process by which a virus makes copies of itself to carry out subsequent infections. Replication is one of the major criteria separating viruses from other computer programs.

  6. Rogue program

    Any program intended to damage programs or data, or to breach a system's security. It includes Trojan horse programs, logic bombs, and viruses.

  7. Rooting

    A way that users of mobile devices (mobile phones, tablet PCs, and other devices running the Android operating system) hack their devices to gain privileged access to the operating system. This gives the user the ability to alter or replace system applications and settings, run apps that require administrator permissions, or perform operations that otherwise would have not been possible.

  8. Rootkits

    A stealthy type of malware that is designed to hide the existence of certain processes or programs from normal methods of detection and enable continued privileged access to a computer. Rootkits are the hardest type of invasive software to detect and nearly impossible to remove. As eluded to in the name, they dig into the root of a hard drive. They are designed to steal passwords and identifying information.

Back to Top
  1. Scareware

    A common trick cybercriminals use to make users think that their computer has become infected with malware to get them to purchase a fake application. Often the fake application that the user is tricked into purchasing is actually a malicious program which can disable real antivirus software and wreak havoc on a user's machine.

  2. Search engine

    A program that searches information on the Internet for specified keywords and returns a list of where the information can be found. They have electronic catalogs of millions of sites on the Internet so that once a user types in a keyword or set of keywords into the search engine, it can quickly direct the user to websites containing information based on the keyword. Google, Yahoo, and Bing are all examples of search engines.

  3. Shareware

    Software provided to users without payment on a trial basis and is usually offered with limited features. Shareware requires payment to the author for full rights. If, after trying the software, you do not intend to use it, you simply delete it. Using unregistered shareware beyond the evaluation period is pirating. Also known as trialware or demoware.

  4. Short code

    Telephone numbers shorter than full telephone numbers that can be used only for messaging on mobile phones. They are designed to be easier to read and remember. Short codes are widely used for value-added services such as television program voting, ordering ringtones, charity donations, and mobile services. Messages sent to a short code can be billed at a higher rate than a standard text message and may even subscribe a customer to a recurring monthly service that will be added to the their mobile phone bill until the user texts the word "STOP"(for example) to terminate the service.

  5. Short message service (SMS)

    A form of text messaging on mobile phones.

  6. Shoulder surfing

    The use of direct observation techniques, such as looking over someone's shoulder, to get information. A criminal can get access to your personal identification number (PIN) or password by watching over your shoulder as you use an automated teller machine (ATM) or type on your computer.

  7. Signature files

    Data files containing detection and/or remediation code that antivirus or antispyware products use to identify malicious code.

  8. SIM (subscriber identity module) card

    A small electronic card, approximately the size of a postage stamp, that is placed underneath a mobile phone's battery. The SIM card stores data such as user identity, location phone number, network authorization data, personal security keys, contact lists, and stored text messages.

  9. Smartphone

    A mobile device that combines the functions of a wireless phone and functions typically associated with a computer. These functions include email access, the ability to browse the Internet, access to online banking, synchronization between the device and a computer, as well as many more functions.

  10. SMiShing

    The act of using social engineering techniques similar to phishing but via text messaging. The name is derived from "SMS (Short Message Service) phishing." SMS is the technology used for text messages on mobile phones. SMiShing uses text messages to try and get you to divulge your personal information. The text message may link to a website or a phone number that connects to automated voice response system.

  11. Sniffer

    Software or device that monitors network traffic. Hackers use sniffers to capture data transmitted over a network.

  12. Social engineering

    The act of manipulating people into performing actions or divulging confidential information. It relies on human interactions, such as trying to gain the confidence of someone through trickery or deception for the purpose of information gathering, fraud, or computer system access. This can take many forms, both online and offline.

  13. Spam

    An unwanted electronic message, most commonly unsolicited bulk email. Typically, spam is sent to multiple recipients who did not ask to receive it. Types include email spam, instant messaging spam, web search-engine spam, spam in blogs, and mobile phone-messaging spam. Spam includes legitimate advertisements, misleading advertisements, and phishing messages designed to trick recipients into giving up personal and financial information. Email messages are not considered spam if a user has signed up to receive them.

  14. Spear phishing

    The act of sending an email that appears to come from a legitimate source, such as a bank, a company's internal IT department, an internal employee, or a business partner. While phishing uses mass email, spear phishing targets a very small number of recipients. The email sender information may be spoofed so the email appears to originate from a trusted source. Messages typically request username and password details, provide a link to a website where visitors can enter personal information, or have an attachment containing a virus, Trojan, or spyware.

  15. Spim

    A type of spam specific to instant messaging. The messages can be simple unsolicited ads or fraudulent phishing mail.

  16. Splog

    A combination of the words spam and blog that has been created for the purpose of distributing spam. Splogs contain fake articles created for search engine spamming. Splogs are created to attract people to spam sites, primarily via search engines.

  17. Spoofed website

    A website that mimics a real company's site—mainly financial services sites—in order to steal private information (passwords, account numbers) from people tricked into visiting it. Phishing emails contain links to the counterfeit site, which looks exactly like the real company's site, down to the logo, graphics, and detailed information.

  18. Spoofing

    Spoof means to hoax, trick, or deceive. Spoofing can take many forms on the Internet, like faking the email address of another user. A spoofed website is one that mimics a real company's site—mainly financial services sites—to steal private information (passwords, account numbers) from people tricked into visiting it.

  19. Spyware

    Spyware spies on a user's computer. Spyware can capture information like web browsing habits, email messages, usernames and passwords, and credit card information. Just like viruses, spyware can be installed on a computer through an email attachment containing malicious software.

Back to Top
  1. Tablet

    A portable computer that uses a touchscreen as its primary input device. Most tablets are small and weigh less than the average laptop.

  2. Tether

    Process of connecting your mobile phone to a laptop or similar data device using a data cable or wirelessly via Bluetooth. This is commonly done to connect a device, such as a laptop, to the Internet using a mobile phone.

  3. Texting

    The process of sending or receiving written messages using a mobile phone. Texting is a common form of communication among mobile phone users. See also: Short Message Service (SMS).

  4. Time bomb

    A malicious action triggered at a specific date or time.

  5. Triggered event

    An action built into a virus that is set off by a specific condition. Examples include a message displayed on a specific date or reformatting a hard drive after the 10th execution of a program.

  6. Trojan (Trojan horse)

    Malicious programs disguised as legitimate software. Users are typically tricked into loading and executing it on their systems. One key factor that distinguishes a Trojan from viruses and worms is that Trojans don't replicate.

  7. Tunneling

    A virus technique designed to prevent antivirus applications from working correctly. Antivirus programs work by intercepting the operating system before it can execute a virus. Tunneling viruses try to intercept the actions before the antivirus software can detect the malicious code. New antivirus programs can recognize many viruses with tunneling behavior.

  8. Typosquatting

    Also known as URL hijacking, it relies on mistakes such as typographical errors made by Internet users when inputting a website address into a browser. If the user accidentally enters the incorrect website address, they are lead to an alternative website that usually is designed for malicious purposes.

Back to Top
  1. Virus

    A computer program file capable of attaching to disks or other files and replicating itself repeatedly, typically without user knowledge or permission. Some viruses attach to files so when the infected file executes, the virus also executes. Other viruses sit in a computer's memory and infect files as the computer opens, modifies, or creates the files. Some viruses display symptoms, and others damage files and computer systems, but neither is essential in the definition of a virus.

  2. Vishing

    The criminal practice of posing as a legitimate source to obtain information over the telephone system (phishing via phone/ voicemail). It is facilitated by Voice over IP because it can spoof (fake) caller ID to gain access to personal and financial information.

  3. Voice over Internet protocol (VoIP)

    Telephone service that uses the Internet as a global telephone network. Skype is an example of a VoIP offering for both regular and mobile phones.

  4. Vulnerability

    An exploitable defect in a software application or operating system that allows hackers to crash systems, access information on systems, or use systems for their own purposes.

Back to Top
  1. War dialing

    Process in which a computer is used to automatically call a list of telephone numbers, usually dialing every number in a local area code to search for computers and fax machines that can successfully make a connection with the computer. When each call is made, the program makes a list of which numbers made a successful connection with a computer and a fax machine. That list can be later used by hackers for various reasons, including hacking a wireless access point with an unprotected login or an easily cracked password to gain access to a network.

  2. War driving

    The act of stealing personal information by driving around looking for unsecured wireless connections (networks) using a portable computer or a personal digital assistant (PDA). If your home wireless connection is not secured, thieves can access data on all the computers you have connected to your wireless router, as well as see information you type into your banking and credit card sites.

  3. Web browser

    An application that lets a user access and display content from the Internet.

  4. Whaling

    A type of scam in which phishers find the name and email address of a company's top executive or team of executives (information often freely available on the web), and craft an email specific to those people and their role at the company. The email attempts to lure the executives into clicking on a link that will take them to a website where malware is downloaded onto their machines to copy keystrokes or ferret out sensitive information or corporate secrets.

  5. White hat hackers

    Also known as "ethical hackers," white hat hackers are computer security experts who specialize in penetration testing and other testing methodologies to ensure that a company's information systems are secure. These security experts may utilize a variety of methods to carry out their tests, including social engineering tactics, use of hacking tools, and attempts to evade security to gain entry into secured areas.

  6. Whitelist

    A list of legitimate email addresses or domain names that is used for filtering spam. Messages from whitelisted addresses or domains are automatically passed to the intended recipient.

  7. Wi-Fi

    The name commonly given to wireless networks. Wi-Fi (short for wireless fidelity) networks are commonly used by many businesses and these networks can be protected so that only authorized users may access them.

  8. Worm

    A virus that spreads by creating duplicates of itself on other drives, systems, or networks. A mass-mailing worm is one that requires a user's intervention to spread, (e.g., opening an attachment or executing a downloaded file). Unlike viruses, worms do not infect other files. Most of today's email viruses are worms. A self-propagating worm does not require user intervention to spread.

Back to Top
  1. Zero-day threats, zero-day vulnerabilities

    Also known as zero-hour threats and vulnerabilities, they include threats that take advantage of a security hole before the vulnerability is known. The security hole is usually discovered the same day the computer attack is released. In other words, software developers have zero days to prepare for the security breach and must work as quickly as possible to fix the problem.

  2. Zombie

    A computer that has been compromised by a virus or Trojan horse that puts it under the remote control of an online hijacker. The hijacker uses it to generate spam or makes the computer unusable to the owner, and the user is usually unaware that their computer has been compromised. Generally, a compromised machine is only one of many in a botnet, and will be used to perform malicious tasks under remote direction.

  3. Zoo

    A collection of viruses used for testing by researchers. See also: in the wild, zoo virus.

  4. Zoo virus

    A virus found only in virus laboratories that has not moved into general circulation.

Back to Top