Glossary

Alertshow/hide

An alert is a notification that a specific attack has been directed towards a specific organisation or its customers.

Anti-virus/anti-spywareshow/hide

Viruses, worms and trojans, are malicious programs that may harm your computer. Anti-virus software protects the computer by detecting them and then either placing them in quarantine or destroying them.

Anti-spyware software is designed to protect your computer from spyware; they work in similar ways to anti-virus software by detecting and deleting any spyware found on your computer. This helps your computer and personal information to remain confidential.

Attackshow/hide

An attack is the intentional act of attempting to bypass one or more computer security controls to achieve a specific purpose such as shutting down a firewall, computer or stealing information.

Authenticateshow/hide

To authenticate is to verify the identity of a user, user device (such as a computer), or the integrity of transmitted data, or to establish the validity of a transmission.

Authenticationshow/hide

Authentication is a security measure designed to establish the validity of certain data, messages, or its originator, or a means of verifying an individual's authorisation to access information such as account details, transactional information or even email.

Back doorshow/hide

Back doors are hidden software tools, often created by software writers. These can be exploited by third parties to bypass security controls allowing unauthorised access to system data.

Broadbandshow/hide

Broadband is a generic term for fast internet access. Broadband connections are typically delivered via a phone line (ADSL - Asynchronous Digital Subscriber Line), cable modem or via satellite.

Browsersshow/hide

A browser is a piece of software that allows you to view information on the internet.

Bot Netshow/hide

BotNets are networks of computers that have been infected with specific trojans which allow access by malicious third parties such as criminals and spammers. These individuals harness the power of infected computers to perform a variety of tasks, including sending spam email or mounting denial of service attacks on other computers or networks.

Cookiesshow/hide

Cookies are small files downloaded when visiting websites and stored on a computer's hard drive within user preference settings. Cookies are generally benign and are typically used to recognise a user and to display their defined preferences on a specific website to enhance the site experience.

Cookies can, however, also be used maliciously to capture information that might impact your PC security. The ease with which cookies can be loaded onto your computer is defined by the security settings in your browser.

Denial of serviceshow/hide

Denial of service is the result of an attack by a computer or series of computers on a network, device (such as a firewall) or computer. Personal computers infected with specific trojans can be used to mount denial of service attacks on other networks or computers, these malicious attacks can be used to extort money from the affected network or computer owners. During an attack, legitimate traffic such as email cannot get through.

Dictionary attackshow/hide

A dictionary attack is one which uses what is known as a 'brute-force' technique to gain access to a system typically by successively trying all the words or data in a large list.

Digital certificatesshow/hide

Digital certificates are employed to establish and validate a user's identity on the internet. There are two types of certificate - soft certificates which are embedded in web browsers and hard tokens - smart cards that are used with readers.

Encryptionshow/hide

Encryption is the method of converting information created by one person into an encoded form before it is sent via the internet to another. The encryption prevents unauthorised users from reading the information.

The encryption of information on the internet is most commonly experienced when performing online transactions. The presence of https:// in the URL, and/or when you see either locked 'padlock' or key symbols at the bottom right corner of your browser window denotes that the session is secure and that all information passing between two computers is being encrypted.

Firewallshow/hide

A firewall is a hardware device or software program that helps protect a computer from unauthorised access. In effect a firewall is the equivalent to a lock on a door into a room in that it only permits authorised users, ie those with the key, to enter. Firewalls have built-in filters that can prevent unauthorised or potentially dangerous material from entering a computer or network.

Some standard operating systems, such as Microsoft Windows, have an inbuilt software-based firewall.

Hackershow/hide

A hacker is the term to describe an unauthorised individual who attempts to or gains access to a computer or network. Hackers use a number of different techniques including 'brute-force' and 'social engineering' to gain access.

Identity theftshow/hide

Identity theft is the term for the criminal act of stealing personal information with the intent to use it to create similar cloned identities without the victims' knowledge.

Stolen personal information such as bank details, passport numbers, birth dates or social security numbers is used illegally to apply for credit, purchase goods and services or cloak the real identities of criminals undertaking more serious criminal acts.

ISPshow/hide

Internet service providers (ISPs) offer connection to the internet either via broadband (ADSL, cable modem or satellite), or via dial-up connection. ISPs often provide email services and some are beginning to offer anti-spam and virus on their email services.

Instant messagingshow/hide

Unlike email instant messaging software allows you to talk to someone in real time by typing and receiving messages. Instant messaging, or IM, is becoming increasingly popular for personal and business use, however it is also used by criminals to spread viruses and trojans.

You should be wary of clicking on any hyperlink sent to you by someone in an IM session, especially from unknown contacts.

Keyloggershow/hide

Keyloggers are hardware devices or software programs which record all information entered into a machine via a keyboard. Criminals deploy both types of keyloggers to capture personal information such as passwords and credit card numbers. Keyloggers can be installed on a computer without a user's knowledge. Using up-to-date anti-spyware software will help protect against the download of these programs.

The risk of keylogging is far greater when using computers shared by a number of users. Criminals have been known to place hardware devices on public access computers; equally the risk of other users downloading software variants is also greater in shared environments.

Malicious codeshow/hide

Malicious code is another description for programs such as viruses, worms and trojans that perform unauthorised processes on a computer or network such as send an email, stealing passwords or deleting information.

Malwareshow/hide

Malware is a general term for software programs that have been designed with or can be used for malicious intent. These include viruses, worms and trojans.

Muleshow/hide

Mules are individuals who unwittingly or not act as money laundering couriers for criminals who process funds from compromised accounts as the result or phishing or pharming.

Plug-inshow/hide

A plug-in is a piece of software that increases the functionality of a web browser. Some of the most popular plug-ins allow browsers to read documents created in Adobe Acrobat (PDF files) or play various types of audio and video files.

Phishingshow/hide

Phishing is a criminal activity that uses social engineering techniques. Phishers attempt to dishonestly and illegally get sensitive information, such as passwords and credit card details, by acting as a trustworthy person or business.

Phishing is typically carried out using email or instant messaging, although phone contact has been used also.

Pharmingshow/hide

Pharming is the term for the effect of Trojans, either keyloggers or malware capable of hijacking internet banking sessions, as criminals 'harvest' the information provided by these programs.

Scamshow/hide

Scam is a slang term for a fraud or confidence trick. Phishing is one of the largest internet scams. Other scams include advanced fee frauds such as fake lotteries and 419 scams - where individuals are sent notification that they have either won money or will obtain a percentage of a large amount of money belonging to a dead or missing individual sharing the same name.

Individuals are tricked into paying large sums of money to help facilitate the transfer of funds. The term 419 is derived from the number in the Nigerian penal code corresponding to this type of fraud.

Social engineeringshow/hide

The term 'social engineering' has come to describe the act of winning the trust of individuals such as company employees, to gain information which will be used to access computer systems. Typical social engineering techniques include using the telephone and posing as the employee of companies such as financial institutions or utilities, 'tailgating' employees into a corporate office through secure doors.

Spamshow/hide

Spam is the electronic equivalent to junk mail. Spam is often used to distribute viruses and other malware such as trojans, as well as phishing emails. The problem of spam email can be counteracted by using junk email filter software, some ISPs now offer this software as part of their standard service.

Spoofingshow/hide

Spoofing is a term that is most commonly used to describe the act of impersonating or masquerading as a person or organisation.

Typically the term will be used to describe the use of an official email address in a phishing email or the content of a fake website.

Spywareshow/hide

Spyware is software that is downloaded onto your computer (often without your knowledge). It can be used by third parties, including criminals, to monitor your internet activities, which could compromise the security of your personal information.

SSL (secure socket layer)show/hide

The Secure Socket Layer (SSL) is protocol that encrypts the communication between web browsers and the web servers that host websites.

This encryption (normally 128bit) prevents third parties from accessing sensitive information such as bank details, credit card numbers and account transactions. SSLs are in use when you see https:// in the URL bar or a solid padlock or key in the bottom right of your browser.

Trojanshow/hide

Trojans are a type of computer virus and their name is derived from the term 'trojan horse' from Greek mythology. They can be downloaded and installed on a computer without knowledge.

Any apparently legitimate software that carries malicious code is described as a trojan. Typically the malware associated with financial services may be a keylogger or code that may allow hackers to hijack an internet banking session.

Virusshow/hide

A computer virus, like its natural equivalent, is designed to replicate itself. In computer terms viruses copy themselves into other programs stored in a computer. Viruses usually have a negative impact such as slowing a computer down or corrupting or deleting files.

Modern computer viruses are spread by email or through file sharing networks. As new viruses are detected on a daily basis, the best defence is to use a regularly updated anti-virus software.

VoIPshow/hide

VoIP is the routing of voice calls over the internet or through any other IP-based network.

VoIP is usually used because it is cheaper and has more functions compared to traditional land-based telephony services. In general, phone service via VoIP is free or costs less than similar services from traditional sources with the same quality results. It can perform tasks that may be more difficult to achieve using traditional phone networks like routing calls to a user's VoIP phone regardless of where the user is connected to the network.

VoIP also allows users to travel anywhere in the world and still make and receive phone calls.

Wormshow/hide

Worms are similar to viruses. They replicate themselves from computer to computer either causing damage to the host computer or attacking a third party computer.

Similar to a virus, a worm's main feature is that it replicates itself using a host computer. It either causes damage to the host by using its computer memory or speed when replicating, or it uses the host computer to launch an attack elsewhere with malicious intent to perhaps cause disruption to a web server.

Zombieshow/hide

A zombie is a computer that has become part of a botnet. This often occurs without the owner's knowledge. Zombie computers are controlled by third parties and can be used by criminals to mount denial of service attacks as part of extortion rackets.