Cybersecurity

Adware

Software that collects consumer surfing and purchasing data

Botnet

A network of hijacked computers

Bot Herder

Hackers that control hijacked computers

Click Fraud

Inflating advertising revenue by clicking online ads numerous times

DoS

Overloading an Internet service provider’s e‐mail server by sending hundreds of e‐mail messages per second from randomly generated false addresses

Email Threats

Sending an e‐mail instructing the recipient to do something or they will suffer adverse consequences

Hijacking

Gaining control of a computer to carry out unauthorized illicit activities

Internet Misinformation

Circulating lies or misleading information using the world’s largest network

Internet Terrorism

Using the Internet to disrupt communications and e‐commerce.

Key logger

Use of spyware to record a user’s keystrokes

Pharming

Diverting traffic from a legitimate Web site to a hacker’s Web site to gain access to personal and confidential information.

Phishing

E‐mails that look like they came from a legitimate source but are actually from a hacker who is trying to get the user to divulge personal information

Spamming

E‐mailing an unsolicited message to many people at the same time.

Splog

A spam blog that promotes affiliated Web sites to increase their Google PageRank.

Spyware

Software that monitors and reports a user’s computing habits

Spoofing

Making an e‐mail look like it came from someone else

Typosquatting

Creating Web sites with names similar to real Web sites so users making errors while entering a Web site name are sent to a hacker’s site.

Bluebugging

Making phone calls and sending text messages using another user’s phone without physically holding that phone.

Bluesnarfing

Capturing data from devices that use Bluetooth technology

Eavesdropping

Intercepting and/or listening in on private voice and data transmissions

Evil Twin

A rogue wireless access point masquerading as a legitimate access point

Packet Sniffing

Intercepting Internet and other network transmission

Phreaking

Using telephone lines to transmit viruses and to access, steal, and destroy data

Piggybacking

Gaining access to a protected system by latching on to a legitimate user

Vishing

E‐mails instructing a user to call a phone number where they are asked to divulge personal information.

War Dialing

Searching for modems on unprotected phone lines in order to access the attached computer and gain access to the network(s) to which it is attached

War Driving

Searching for unprotected wireless networks in a vehicle.

Chipping

Inserting a chip that captures financial data in a legitimate credit card reader

Data Diddling

Altering data during the IPO (Input‐Process‐Output) cycle

Data Leakage

Copying company data, such as computer files, without permission.

Identity Theft

Illegally obtaining confidential information, such as a Social Security number, about another person so that it can be used for financial gain.

Round-Down Fraud

Placing truncated decimal places in an account controlled by the perpetrator.

Salami Technique

Embezzling small fractions of funds over time.

Scavenging

Searching through garbage for confidential data

Dictionary Attack

Using software to guess company addresses, send them blank e‐mails, and adding unreturned messages to spammer e‐mail lists

Hacking

Gaining access to a computer system without permission.

Logic Bomb

Software that sits idle until a specified circumstance or time triggers it

Malware

Software used to do harm

Masquerading

Pretending to be a legitimate user, thereby gaining access to a system and all the rights and privileges of the legitimate user.

Password Cracking

Capturing and decrypting passwords to gain access to a system.

Piggybacking

Using a wireless network without permission

Posing

Creating a seemingly legitimate business, collecting personal information while making a sale, and never delivering the item sold

Pretexting

Acting under false pretenses to gain confidential information

Rootkit

Software that conceals processes, files, network connections, and system data from the operating system and other programs

Shoulder Surfing

Observing or listening to users as they divulge personal information

Skimming

Covertly swiping a credit card in a card reader that records the data for later use.

Social Engineering

Methods used to trick someone into divulging personal information

Software Piracy

Unauthorized copying or distribution of copyrighted software

Steganography

Concealing data within a large MP3 file.

Superzapping

Special software used to bypass system control

Trap Door

Entering a system using a back door that bypasses normal system controls

Trojan Horse

Unauthorized code in an authorized and properly functioning program.

Virus

A segment of executable code that attaches itself to software.

Worm

A program that can replicate itself and travel over networks.

Zero- Day Attack

Attack between the time a software vulnerability is discovered and a patch to fix the problem is released.

Address Resolution Protocol (ARP) spoofing

Fake computer networking protocol messages sent to an Ethernet LAN to determine a network host's hardware

Buffer Overflow Attack

So much input data that storage is exceeded; excess input contains code that takes control of the computer.

Carding

Verifying credit card validity.

Caller ID Spoofing

Displaying an incorrect phone number to hide the caller’s identity.

Cyber Extortion

A demand for payment to ensure a hacker does not harm a computer.

Cyber Bullying

Using social networking to harass another person

Economic Espionage

Theft of trade secrets and intellectual property.

E‐mail spoofing

Making an electronic communication appear as though it originated from a different source

IP Address Spoofing

Creating packets with a forged address to impersonate another computing system

Internet auction fraud

Using a site that sells to the highest bidder to defraud another person

Internet pump‐and‐dump fraud

Using the Internet to inflate a stock price so it can be sold for a profit.

Lebanese looping

Inserting a sleeve to trap a card in an ATM, pretending to help the owner to obtain a PIN, and using the card and PIN to drain the account

Man‐in‐the‐middle (MITM) attack

A hacker placing himself between a client and a host to intercept network traffic.

Podslurping

Using a small storage device to download unauthorized data from a computer.

Ransonware

Software that encrypts programs and data until a payment is made to remove it.

Scareware

Malicious software that people are frightened into buying

Sexting

Exchanging explicit messages and pictures by telephone

SQL Injection

Inserting a malicious database query in input in a way that it can be executed by an application program.

SMS Spoofing

Changing the name or number a text message appears to come from.

XSS Attack

A link containing malicious code that takes a victim to a vulnerable Web site. Once there, the victim’s browser executes the malicious code embedded in the link

Tabnapping

Secretly changing an already open browser tab