Advanced fee fraud (AFF)
Advanced fee fraud is a specific type of fraud. An AFF starts with an email to the victim, where the sender poses as an ex-government official a king, a corrupt businessman and so on. The email, traditionally in very bad English, explains that the sender has obtained large amounts of money but cannot move it out of their country.
The sender then offers the victim a share of the money if they help the sender to get it out of their country. To do this, the sender claims they need an up-front payment in order to set up a new account or bribe an official (this is the advanced fee). The victim sends the money but never hears from the sender again.
Also known as a 419. The name 419 comes from the penal code in Nigeria for a particular offence.
Adware
Adware is software which displays advertisements often in the form of pop-up windows or banners on web sites. Adware may contain spyware and malware.
Anti-virus software (AVS)
This is software that can check your computer for known viruses and remove them if they are there.
Most modern anti-virus software can also scan disks, CDs and emails as you use your computer.
This can stop viruses getting onto your computer in the first place.
Attack
An attack is an attempt to access or damage your computer, mobile phone or other device.
Attacks can take many forms, including password guessing, viruses, Trojans, worms, and denial of service.
Backdoor
A backdoor is a hole in your software that allows people to gain access to your computer. Unlike vulnerabilities, which are not intentional, backdoors are created on purpose. This can be done by a computer programmer to check the system, or by an intruder or a virus to make it easier for people to illegally gain access to you computer.
Bots and Botnets
In its most basic form, a bot is simply an automated computer program, or robot. In the context of botnets (short for bot network), bots refer to computers that are able to be controlled by one, or many, outside sources. An attacker usually gains control by infecting the computers with a virus or other malicious code that gives the attacker access. Your computer may be part of a botnet even though it appears to be operating normally. Botnets are often used to conduct a range of activities, from distributing spam and viruses to conducting denial-of-service attacks.
Brute force
In computing terms, this refers to trying to guess a password by trying every possible combination.
Cookie
A cookie is a small amount of information created by some websites you visit and stored on your computer. When you visit these websites again, the cookie allows the site to remember your settings, your details if you have entered them before, and many other useful things. Cookies are generally not harmful. However, it's possible to accumulate quite a number of them, which can affect your computer's performance, and some can reveal information about you that you’d rather keep private and may make it much easier for intruders to learn more about you.
Denial of service (DoS)
This is an attack that attempts to prevent users from accessing a system, usually by flooding the system with requests until it becomes unusable.
Distributed denial of service (DDoS)
This means using many computers at the same time to create a denial of service attack. This can be carried out by a group of people working together, or by an individual using a number of other people's computers at the same time.
An individual attacker can do this by hacking into computers or writing a virus.
Domain Name Service (DNS)
DNS stands for domain name service. It is the equivalent of a phone directory for the Internet and it that converts an easy-to remember name such as 'itsafe.gov.uk' to the underlying IP address '194.61.191.113'.
Drive-By Download
A drive-by-download describes what happens when programs are downloaded without the user’s knowledge or consent. This is most often the result of when the user clicks to close or eliminate a random advertisement or other web dialogue box.
Encryption
Encryption is the process of scrambling information in order to make it unreadable to those who are not meant to see it.
Encryption is used by online shops and banks to protect your credit details and your passwords when you type them in on the Internet.
Executable files
Executable files are files that run programs on your computer. On Windows they are recognised by the extension .exe.
However, .exe files are also the most common type of file for email viruses, so next time you receive an attachment that ends .exe, make sure you know exactly what it is before you think about opeening it.
Firewall
A firewall is hardware or software that helps to protect against intruders and worms by checking what connects to your computer and blocking some connection attempts if they are thought to be harmful.
HTML
HTML stands for Hypertext Mark-up Language. It is the type of programming code that is used lay out and format web pages.
Information Security (InfoSec)
The process of ensuring the confidentiality, integrity and availability of information and its related resources.
Intrusion Detection System (IDS)
This is known by the same name as the technologies used to protect buildings (such as alarms). However, computer intrusion detection systems attempt to warn you when something unusual is happening to your computer that may be the result of an intruder.
IP
IP is short for Internet Protocol. This is the method by which information is passed around the Internet.
IP is also used as an abbreviation of IP address, for example when used in the question "What's your IP?". This is a group of four sets of numbers, separated by full stops, that uniquely identifies every computer on the Internet. This is in a similar way to how your telephone number identifies your telephone line. For example the ITsafe website can be found on the IP address 194.61.191.113
Keystroke Logger
A piece of hardware or software that has been put onto your computer through a virus or hacking to copy information as it is typed in. This is normally used to steal logon names, passwords and bank details.
Logic Bomb
This is a malicious program that is put onto your computer without your knowledge. A logic bomb does nothing until a particular event occurs, such as a certain time or date or a sequence of keys being typed. At this point the logic bomb releases its payload.
Malware
This means malicious software. It is a term used to describe the whole family of nasty programs that include viruses, trojans, worms and spyware.
Network
A network is created when two or more computers are connected together.
Operating system (OS)
This is the main piece of software running on your computer, which controls everything your computer does. For example it runs your other programs and controls your hardware.
Popular operating systems include Windows and Mac OS.
Patches
Similar to the way fabric patches are used to repair holes in clothing, software patches repair holes in software programs. Patches are updates that fix a particular problem or vulnerability within a program. Sometimes, instead of just releasing a patch, vendors will release an upgraded version of their software, although they may refer to the upgrade as a patch.
Patch Tuesdays
Patch Tuesday is the second Tuesday of each month, the day that Microsoft releases security patches.
Payload
This is what a virus or worm does in addition to copying itself.
For example, payloads may delete files, monitor your computer or steal your personal information. However, a virus or worm that does not have a payload can still be bad as the copying action can slow down computers and networks.
Peer-to-peer (P2P)
This is network that directly connects two or more computers together, usually across the Internet, without needing to use servers.
Pharming
Pharming is a scamming practice in which malicious code is installed on a personal computer or server, misdirecting users to fraudulent Web sites without their knowledge or consent.
Phishing
This is an attempt to trick someone into giving away personal information by pretending to be a well-known company or organization.
A typical phishing technique involves emailing people, pretending to be a bank and asking them to enter their bank details.
Port
Port has two meanings:
A port is a connection on a computer that cables are plugged into; or
An IP port number is a number that identifies a particular type of network communications. Port numbers are used by your computer to decide which program incoming network information needs to go to.
Rootkit
A rootkit is a piece of software that can be installed and hidden on your computer without your knowledge in order to give an intruder full access to your computer. It may be included in a larger software package or installed by an attacker who has been able to take advantage of a vulnerability on your computer or has convinced you to download it.
Using rootkits, attackers may be able to access information, monitor your actions, modify programs, or perform other functions on your computer without being detected.
Script-kiddie
This is an attacker who uses programs (called scripts) made by other, more advanced attackers so that they can attack computers without needing to have any hacking knowledge.
Server
This is a computer used to store information and process requests for that information for multiple users. On the Internet these tend to be web servers (which power the World Wide Web) and email servers (which store and pass email messages).
Social engineering
In the world of security this means tricking people so they do things you want them to do, such as reveal passwords or other personal details.
Spam
This is an unsolicited email that has been sent to many different people.
Spam Zombie
Spam zombies are PCs and servers that have been hijacked and programmed to send out spam to other computers and servers.
Spim
This is similar to spam, but refers to unsolicited messages sent over instant messaging (IM) services.
Spoofing
In computer terms this is the act of pretending to be something or somebody that you are not.
Spyware
This is a program that can run on your computer and records what you do. These programs range from relatively harmless ones, such as programs that monitor how often you visit a specific site, to those that track everything you do on your computer and send the results to someone else, who can then use this information for whatever they want.
Trojan
A Trojan is a program that tricks you into running it by making you believe it will do something good, when it will in fact do something harmful. Some trojans create a backdoor that makes it easier for a hacker to access the system the trojan is running on.
URL
URL stands for uniform (or universal) resource locator.
It is the standard way to describe addresses for a variety of things on the Internet, including web pages (such as http://www.itsafe.gov.uk), and email accounts (such as yourname@yourisp).
Virus
A virus is a malicious program or programming code that exploits a vulnerability on your computer in order to run without your consent.
It may spread by copying itself to other documents and programs, and may damage your computer with its payload.
Vulnerability
This is a flaw in the hardware or software of your computer that can be exploited by intruders or malware to gain unauthorized access.
Worm
A worm is a type of virus that self-replicates, usually via the network.
Zombie
This is a computer that has been taken over by an intruder or a malware program and is used to send spam or commit a denial of service attack.
