Some easy-to-understand explanations of typical online security jargon.

Phishing

Phishing is the fraudulent attempt to obtain sensitive information such as usernames, passwords, payment card details etc. by pretending to be a trusted person or organisation.

This usually starts with an email that looks as though it has been sent by a legitimate organization (often a bank or government department). The email may ask you to confirm personal details but is more likely to contain a link to a fake website created by the fraudster that looks like the real organisation’s website.

The person enters their details and now the scammers have them and can sell them to other scammers or use them to create accounts in the victim's name – they get the goods and the victim pays the bills.

Vishing

Similar to Phishing but by means of a telephone call or voice message.

Smishing

Similar to Phishing but using text messages instead of email, website page or voice calls.

Malware

The name Malware means any software that is designed to cause damage or disable a computer, server or computer network or to carry out actions against the wishes of the computer’s user. This includes viruses, worms, Trojan horses, ransomware, spyware, adware, and scareware etc. Badly behaved legitimate software is not included in this definition.

Ransomware

Ransomware is malicious software which gets into your computer or network and either encrypts all of the files or completely locks you out. The perpetrators then demand a ransom to give you a decryption key to unlock your files or a key to allow you back into your own computer.

The ransom usually has to be paid in Bitcoins to make it difficult for the Police to track.

A variant on this is simple extortion where the criminal threatens to release your secrets unless you pay a ransom.

Scareware

Scareware is not software; it is where the perpetrator tries to convince you to pay a ransom under threat of exposure of your confidential information or release of secrets. In this case the threat is not real.

Virus and Anti-Virus

A computer virus is a type of malicious software that, when executed, replicates itself by modifying other computer programs and inserting its own code. When this replication succeeds, the affected areas are then said to be "infected" with a computer virus. Viruses can inflict untold damage on a computer system.

Anti-virus is the software that detects and neutralises viruses.

Firewall

A firewall is software or hardware that monitors and controls incoming and outgoing network traffic. It determines what to allow through and what to block based upon pre-determined rules.  

A firewall is essentially a barrier to keep out hackers and other unwanted traffic.

There are network firewalls to control access to a network, Internet firewalls to control access to the Internet and personal firewalls to control access to a single computer.

Encryption

Encrypting data turns it into a code so that only a person with the unlock code (decryption key) can read it.

Hacker

Someone who violates computer security for malicious reasons, kudos or personal gain. The word is sometimes used to mean anyone with good computer skills who can get into protected systems. A White Hat hacker (also called ethical hacker) is someone who uses hacking skills but works for government or an anti-malware organisation to protect people rather than cause damage.

Intrusion Detection System

Program or device used to detect that an attacker is attempting or has attempted unauthorised access to computer resources.

Intrusion Prevention System

Intrusion detection system that also blocks unauthorised access when detected.

Key Logger

Software or a physical device that logs keystrokes (i.e. anything typed on a computer keyboard) to secretly capture private information such as passwords or credit card details.

Macro Virus

This is a virus hidden in a document that contains macros. This is usually a spreadsheet or word processing document but can include PDF documents and anything capable of running macros.

Spyware

Malware that gets into your system and passes information about the computer user’s activities back to an external party. This is commonly used for tracking which websites someone visits or any purchases they make etc.

Two-Factor Authentication

This is a method for adding an extra layer of security for access to protected systems.

As well as a password (or similar) the user will need to identify themselves using a second method. The most common is to use a password and a PIN provided by text message when you try to log in.

Virtual Private Network

A Virtual Private Network (VPN) is a technology that provides privacy on the internet by making an encrypted link between the user’s computer and the target server. VPNs are used to provide anonymous access to the Internet, hide the country location and provide a higher level of security.
