Security Glossary of Terms

Security Glossary of Terms

Adware
Adware is the name for a function within certain software to provide advertising to customers as they use the software, in order to offset the software development costs. Adware is often confused with spy ware and malware, which have potentially malicious effects.

Anti-virus software
Anti-virus protection software detects, repairs, cleans, or removes virus-infected files. Some anti-virus products also detect and remove spy ware, malware, Trojan Horses and other malicious software from your computer. Anti-virus software is usually included with most computer systems and must be regularly updated to be effective.

Firewall
A firewall is a software or hardware device that limits access to a website, network or computer. Personal firewalls for home or business use are inexpensive and can limit unauthorized access to your home or work computer.

Malware (or malicious software)
Malware, or malicious software, is intentionally introduced into a computer system for the distinct purpose of causing harm or loss to the computer system or its data, or to be used as a platform to attack other computers. Malware can be unintentionally installed by clicking a button on a pop-up window or visiting a malicious website. Malware can change system parameters, install additional harmful software and may be difficult for you to remove from your system.

Patch
A patch is an update to computer software or a web browser that may fix bugs, add new features or close security holes. Most software vendors release browser or operating system security patches regularly, so periodic maintenance is required to ensure sound system security.

Pharming
Pharming is a variation of phishing which uses Internet vulnerabilities to send visitors trying to get to the target website to a website which is managed by the attackers. Once on the fraudulent site, the visitor will be asked to submit confidential information, and the attackers will capture this information for illegal use.

Phishing
Phishing is a type of scam with the intent of capturing personal information such as Social Security numbers, online banking user identification numbers, debit and credit card account numbers, and passwords. The user is typically sent an e-mail which appears to be legitimate, asking the user to click a link to a web page. The page may appear to be from a legitimate website and the attacker will ask the user for their debit card number, PIN, Social Security number, etc. A variant of phishing instructs the user to call a certain 1-800 number to verify account information instead of visiting a website.

Shoulder surfing
“Shoulder surfing” is the practice of peering at somebody’s PIN or password to gain illegal access to their personal information.

Spam
Spam is unsolicited e-mail, often commercial in nature, sent indiscriminately to multiple mailing lists, individuals, or newsgroups – electronic junk mail. The Can-Spam Act of 2003 requires spam messages to be labeled and requires an opt-out process. Spam is usually blocked by anti-spam software, which must be regularly updated to be effective.

Spy ware
Spy ware is software that may appear as adware, but which is generally used to monitor use of the computer in some way without the users’ knowledge or consent. Spy ware can potentially record keystrokes, browser history, passwords, and other confidential and private information and report these back to a third party using the Internet. Spy ware can also deliver spam or advertising without your notice and consent. Certain anti-virus programs can detect and remove spy ware.

Trojan Horse programs
Trojan Horse programs appear to be a game, video, music file or a useful program that instead install a malicious program on the target’s computer. Many anti-virus programs will detect and remove Trojan Horse programs, but must be regularly updated to be effective.

Vishing
Also known as “voice phishing,” vishing uses the either a combination of e-mail and telephone or an automated answering service to trick you into providing your personal information.