Term | Definition |
Adware | A software program that delivers advertising content in a manner that is unexpected and unwanted by the user |
Armored Virus | A virus that goes through great lengths in order to avoid detection |
Backdoor | Software code that gives access to a program or service that circumvents normal security protections |
Bot Herder | An attacker who controls a botnet |
Botnet | A logical computer network of zombies under the control of an attacker |
Command and Control | The structure by which a bot herder gives instructions to zombies in a botnet |
Computer Virus | Malicious computer code that, like its biological counterpart, reproduces itself on the same computer |
Dumpster Diving | The act of digging through trash receptacles to find info that can be useful in an attack |
Hoax | A false warning designed to trick users into changing security settings on their computer |
Impersonation | A social engineering attack that involves masquerading as a real or fictitious then playing out the role of that person on a victim |
Keylogger | Software or hardware device that captures and stores each keystroke that a user types on the computer's keyboard |
Logic Bomb | Computer code that lies dormant until it is triggered by a specific logical event |
Macro | A series of instructions that can be grouped together as a single command, often used to automate a complex set of tasks or a repeated series of tasks |
Macro Virus | A computer virus that is written in a script known as a macro |
Malware | Software that enters a computer system without the user's knowledge or consent and then performs an unwanted and usually harmful action |
Metamorphic Malware | Malware that rewrites its own code and thus appears different each time it is exicuted |
Oligomorphic Malware | Malware that changes its internal code to one of a set number of predefined mutations whenever it is exicuted |
Pharming | A phishing attack that automatically redirects the user to a fake site |
Phishing | Sending an email or displaying a web announcement that falsely claims to be from a legitimate enterprise in an attempt to trick the user into surrendering private info |
Polymorphic Malware | Malware code that completely changes from its original form whenever it is executed |
Program Virus | A computer virus that infects executable program files |
Ransomware | Malware that prevents the user's device from properly operating until a fee is paid |
Rootkit | A set of software tools used by an attacker to hide the actions or presence of other types of malicious software |
Shoulder Surfing | Watching an authorized user enter a security code on a keypad |
Social Engineering | A means of gathering information for an attack by relying on the weakness of individuals |
Spam | Unsolicited email |
Spyware | A general term used to describe software that spies on users by gathering info without consent |
Tailgating | When unauthorized individuals enters a restricted-access building by following an authorized user |
Trojan Horse | An executable program that is advertised as performing one activity but which actually performs a malicious activity |
Typo Squatting | Redirecting a user to a fictitious website based on a misspelling of the URL. also called URL hijacking |
URL Hijacking | Redirecting a user to a fictitious website based on a misspelling of the URL. also called typo squatting |
Vishing | A phishing attack that uses telephone calls instead of emails |
Watering Hole Attack | A malicious attack that is directed towards a small group of specific individuals who visit the same website |
Whaling | A phishing attack that targets only wealthy individuals |
Worm | A malicious program designed to enter a computer via a network to take advantage of a vulnerability in an application or an OS |
Zombie | An infected computer that is under the remote control of an attacker |
Spim | A variation of spam, which targets instant messaging users instead of email users |
Spear Phishing | A phishing attack that targets only specific users |