Security Terms

also known as an advance fee fraud, the 419 scam originated in Nigeria and has been around since the mid 1990's. The scammer sends bulk e-mails to multiple recipients stating that they have a way of obtaining a large sum of money (e.g. unclaimed money or treasure). The intent of the e-mail is to trick the victim into believing they need to wire transfer a fee in order for the e-mail sender to obtain or secure the treasure/money with the promise that the victim will receive a portion of the money. However, the promised treasure/money does not exist, and usually, the victim is unaware, until after he has already performed the wire transfer to the scammer.

is usually installed with software provided for free or at a reduced price. By using advertising the developer of the software can recover development costs. Adware can keep track of what Internet sites the you visit and present advertising related to your surfing style.

confirms the identity of a user, system, or application.

is a vulnerability that when exploited, allows access to a system by skipping the normal authentication process.

is a deny list of any number of things. On the Internet, a blacklist commonly refers to a list of IP addresses that are access to a service or program. This usually occurs because the blacklister (the person who maintains the black list) disapproves of the blacklistee's (the person on the black list) actions, content, or behavior.

is a piece of software designed to complete a minor but repetitive task automatically or on command, especially when operating with the appearance of a (human) user profile or account. A hacker can use a bot to perform commands on victims' computers without their knowledge. The remote commands can make victims' computers send bulk e-mails and/or execute DoS attacks. This makes it appear that a victim's computer is sending bulk e-mails (spam) and/or executing DoS attacks, when the hacker is actually responsible.

is a flaw that causes software to malfunction. Hackers can take advantage of malfunctioning software. Allowing them to run malicious (malware) processes, access a system, or perform other actions.

a method used to bypass a program's security, usually using algorithms and formulas.

is an attack that renders a computer component, software, or resource unusable or unavailable. Reasons for and methods used to carry out a DoS attack may vary.

can be software or hardware component that permits or denies incoming and outgoing traffic between two or more different devices. The firewall analyses traffic based on sets of predefined rules that dictate the action to take. A firewall on a computer network is similar to a firewall in an automobile. Just like a piece of metal can be used to separated the engine compartment of a vehicle from the passenger area, so a firewall on your network can be used to separate or protect you from dangerous traffic on the internet. A firewall can be an appliance, or software that inspects traffic passing through it, and denies or permits passage based on a set of rules. These rules can become numerous and complicated. To simplify these rules, they are broken up into zones, and zones are broken up into categories like trusted and not trusted. Without proper understanding, updates, and configuration a firewall can become ineffective.

someone who specializes in exploiting vulnerabilities within an application, network, or system. Also called, Unethical Hackers, the primary focus of a black hat is his/her own personal gain.

a person who specializes in exploiting vulnerabilities within an application, network, or system. Also called, Ethical Hackers, the primary focus of a white hat is to break security features. Then a white hat will make the developers and/or users aware of the vulnerabilities, thus preventing unethical hacking.

a term that describes the malicious action of controlling a system or application to perform functions not originally intended and without the victim's consent.

is the act of a person representing themselves as someone else, for financial gain or other reasons. Having an identity stolen can be damaging in many ways; financially, emotionally, and possibly criminally.

can be hardware or software. It is a method of secretly capturing, recording, and usually sending a user's keystrokes to an unauthorized party. Hackers can use keyloggers to obtain passwords and other personal information.

is a setting mail servers use to allows anyone to send email through it. See the Email Security Section to learn more.

is any form of software or data used to infiltrate, control, and/or attack a computer system without the knowledge of the user. Malware comes from the words malicious and software. Examples include: viruses, trojans, worms, spyware, adware, and bots.

used to hide the IP address of a LAN (private) containing machines, or devices when requesting or sending data through the WAN (public). The private network may have many different LAN IP addresses but are only using 1 public IP address. NAT uses translation tables to map the private address into a single public IP address. This way, the source of the traffic will know which LAN machine to reply back to, but outside 3rd parties will be unable to identify the LAN IP address of that machine.

is a way of attempting to acquire information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication. See the Email Security Section to learn more.

is an extra browser window that pops-up over the current window. Pop-ups are usually an advertisement, or a way to collect e-mail addresses, that web pages use to solicit for their sponsors. If pop-ups occur without surfing or being on a web page, this may be an indication of an infected computer.

is usually an advertisement, or a way to collect e-mail addresses, that web pages use to solicit for their sponsors. If pop-unders occur without surfing or being on a Web page, this may be an indication of an infected computer.

is a scan that gathers information on a system, or group of systems. Hackers use this information to find vulnerabilities on the scanned systems.

For an email to be considered SPAM, it must be both unsolicited and sent in bulk. Not all bulk email is spam. Not all unsolicited email is spam. If you agreed to receive email from a company, it is not spam. See the Email Security Section to learn more.

Software installed without the user's knowledge that secretly monitors the user's computer activity and takes partial control over the interaction with the machine. It can change computer settings, redirect website addresses, and inhibit installing new software.

a software such as a worm or a virus that disguises itself as a desired file or application. Once installed on the computer the Trojan performs undisclosed malicious functions. For example, someone may download free application from the Internet. Once downloaded, the program loads hidden programs that steal information and/or allows remote access.

a computer program which that infects a computer and can damage software, delete files, or wipe out the hard disk and require some user action to help spread to the next system. Similar to a biological virus, some computer viruses can modify themselves to evade anti-virus software. Viruses can also tie up system resources thereby degrading the computer's performance.

is a self-replicating program similar to a virus. A computer Worm spreads on its own. Worms require no user interaction to infect a computer or device. Because of this, worms can infect computers at a faster rate than a virus.