Cyberattacks have been on the rise for the past several years and
2017 shows no signs of letting up. But, these days, online threats go
far beyond your computer getting a virus. If you don't know what threats
are out there, protecting yourself will be a challenge. That's why I've
rounded up 30 terms you need to know if you want to safeguard your
online privacy and security.
Two terms before we begin
Each of the terms we're about to go over all fall under the umbrella of two terms you need to understand. The first is "Cyberattack" and the second is "Cybersecurity."Cyberattack
Simply put, a cyberattack is any attempt by an outside source to target, steal from, spy on, damage or destroy a computer network. Cyberattacks come in all shapes and sizes (as you're about to see), and the criminals behind them don't set their sights on a single target. No home network is too small, or company too large, to fall victim.Cybersecurity
Cybersecurity, on the other hand, is the act of protecting networks from cyberattacks. Whether it's locking down your personal network at home, or hiring a staff of IT professionals to secure the network for your business, cybersecurity is increasingly becoming a challenging task. To beat cybercriminals, you have to always be one step ahead of the game.Glossary of cybersecurity terms
1. Adware
What it means: Adware is an annoying form of malware that bombards you with ads when you go online, or use certain programs on your device.
Why it matters:
Mostly, adware is just a nuisance. However, certain forms of adware go
beyond annoying pop-ups. Some forms are able to collect marketing data
based on your online behavior, and can even redirect you to websites you
weren't looking for. The good news is, in most cases, you'll know if
your device has been infected because it begins to display these ads, or
exhibit odd behavior. Click here to learn which signs you should look for.
2. Botnet
What it means:
A botnet is a group of private computers or web-connected devices that
have been infected with malware that allows them to be controlled
remotely as a group by a hacker. Everything from your laptop to your
smart TV, baby monitor, security camera, etc. can be infected and used
as part of a botnet if you're not careful.
Why it matters:
Botnets are used by cybercriminals in several types of
cyberattacks including DDoS attacks, clickfraud and more. Although these
types of cyberattacks don't typically impact you directly, if your
devices are infected, it means there are gaps in the security of the
router, or your entire network. Click here for one thing your router needs to keep hackers out.
3. Card skimmer
What it means:
A card skimmer is a device that can be installed on ATM machines or
other types of card readers, which collects the data from the magnetic
strips of payment cards (both credit and debit).
Why it matters:
These devices are bad news. They're relatively easy to install and
allow thieves to make copies of your payment cards and use them to make
unauthorized purchases. In some cases, thieves also install tiny cameras
with the skimmers so they can record you as you enter your pin
number. Certain types of card skimmers are easy to spot, but new "insert" card skimmers
are practically invisible. In any case, thieves will often use skimmers
to collect your financial information and purchase goods before you
realize there's a problem.
Protect yourself by using cards with EMV chips whenever possible, and always covering your pin when you enter it.
4. Clickfraud
What it means:
Clickfraud is when artificial clicks are created to manipulate
pay-per-click advertising campaigns to either increase revenue or
charges for an advertiser.
Why it matters:
Although clickfraud may not impact you personally in a negative way,
the cybercrooks behind these types of scams often need a "botnet" (See
glossary term 2) to make them work. To create these botnets, hackers
target the web-connected gadgets of hundreds or even thousands of
individuals.
5. Cyber-espionage
What it means:
Espionage, as we all know, is the practice of spying on someone else to
collect confidential information. Cyber-espionage means the same thing,
except it involves the use of computers.
Why it matters: The
targets of this cybercrime are typically large corporations or
government organizations, but that doesn't mean individuals are deemed
too small for the effort. If you have information that can be used by
the crook, your devices can be compromised in order to get it. It's also
important to point out that this form of spying also leads to bigger
problems, since it provides the criminals with data they need to conduct
other cyberattacks, such as data breaches.
6. Dark Web
What it means: The
Dark Web is an encrypted network of "Darknets" that makes up a portion
of the Deep Web. Accessing this hidden section of the web requires a
special encryption software called Tor.
Why it matters: The
Dark Web itself isn't illegal. Many people do use it for what it was
originally intended. That is, to browse the web without being tracked by
their internet service provider, web services or even the government. However, we can't pretend that the Dark Web isn't home to some pretty horrific things. Evidence of kidnappings, hitmen for hire, prostitution, child pornography, drugs, guns... you name it. Click here for a detailed breakdown of the Dark Web, Deep Web and the myths that come with them.
7. Data breach
What it means: This year, the largest data breach in history was recorded as Yahoo confessed that 1 billion user accounts had been compromised. A data breach is when hackers steal confidential information that's sitting in a database.
Why it matters:
While large companies are the prime targets for this type of attack,
individuals are always the victims. Target, Wendy's, LinkedIn, Home
Depot, Rambler, DailyMotion, Weebly and other big-name companies have
all fallen victim. And, once the hackers have their hands on their
customers' information, they sell it on the Dark Web. Everything
including your email address, phone number, date of birth, and even your
Social Security number can then be used by other criminals for future
scams.
8. DDoS attack
What it means:
DDoS stands for "distributed denial of service," which is a techy way
of saying "crashing a system or the whole internet." It works when a
targeted website or server is flooded by an overwhelming amount of
requests from millions of connected machines in order to bring it down.
Why it matters: DDoS attacks sound like something straight from a Sci-Fi movie, but they're actually happening. Back in October, a massive DDoS attack resulted in a loss of internet access for people living on the East Coast, and even some sites nationwide.
Unsecured
routers, printers, IP web cameras, DVRs, cable boxes, connected "smart"
appliances such as Wi-Fi light bulbs and smart locks can all be
hijacked and involved in cyberattacks without the owner knowing about
it. The first step to preventing your devices from being hacked is
securing your router. Click here to learn how, and find solutions to four other infuriating tech problems.
9. Drive-by download
What it means:
Drive-by downloads are the way most malware is installed - that is,
accidentally. It happens when cybercrooks hide malicious software in ads
or links that takes advantage of weaknesses in your device, or web
browser.
Why it matters:
Most drive-by downloads result in a virus that the user may not even
realize is there. Plus, this malicious software can be hidden anywhere -
websites, emails, pop-up windows, you name it. This is what has made
the internet such a risky place if you aren't constantly running your
software updates, and protecting yourself with anti-virus software.
10. Exploit
What it means: An exploit is an identified gap or weakness that has been found in a particular software or operating system.
Why it matters:
Hackers find these gaps and design malware and Trojan horses that can
exploit them. Because of this, software developers also hire their own
"hackers," or create incentive programs for anyone who can identify a
bug before real hackers find it. They do this so they can patch their
software and eliminate the vulnerability. However, sometimes the real
hackers discover these gaps first. These are called "zero-day exploits."
Keep reading to the end of this article to see what makes zero-day
exploits so dangerous.
11. Exploit kits
What it means:
An "exploit kit" or "exploit pack" is a toolkit that can be purchased
to target the exploits we talked about earlier. Typically, these packs
are designed for vulnerabilities in Java, Adobe Reader and Adobe Flash.
Why it matters:
If you're thinking that all cyberattacks are orchestrated by a cynical
group of hackers, that's just not the case. These kits make it possible
for individuals with basic skills to cause a lot of damage.
12. Identity theft
What it means:
For this crime, a thief uses your personal information, such as your
Social Security number or driver's license, to impersonate you for their
own benefit.
Why it matters:
If your identity is stolen, you could be in store for years of
problems. Your credit score could be ruined, and you could lose
temporary or permanent access to funds in your bank account. You might
not notice there's a problem until it's too late, and getting everything
straightened out can be a complete nightmare. This is why it's so
important that you regularly monitor your credit report. Click here to learn how to request yours for free.
13. Keylogger
What it means: A keylogger is a type of malware that's designed to log all of the keystrokes the user makes on their device.
Why it matters:
If your device is infected with keylogging software, everything you
type can be accessed by the scammer. This includes private messages, as
well as your usernames and passwords. That information can then be used
for other scams, such as data breaches or identity theft. To find out if your device has been infected with a keylogger, click here.
14. Malvertising
What it means:
Malvertising is a form of internet advertising where malicious code is
hidden within online ads that otherwise appear to be safe.
Why it matters:
Clicking on these ads may lead the user into deeper trouble. Not only
can the click unleash the malicious code that infects your computer, it
can also direct you to fake sites that launch pre-installed programs
that are malicious in themselves. In July 2016, a malvertising scheme
was discovered that infected millions of computers. Read the full story when you click here.
15. Malware
What it means:
Malware is easiest described as software that is designed for the
purpose of damaging or gaining access to devices or systems without the
users' knowledge.
Why it matters:
As you can see by this list, there are many types of malware. Spyware,
adware, ransomware, etc., are all unique types that are designed for
specific purposes. But, no matter which type of malware you come in
contact with, it's never good for you or your system. And, cybercrooks
are creative in the ways they fool you into downloading this malicious
code onto your computer. One of the most troublesome ways we've
witnessed so far was a form called "Hicurdismos," which tricked people
by posing as a Windows 10 security update. Click here to read the full story.
16. Patch
What it means:
A patch is a software update designed to fix bugs and repair
vulnerabilities that have been discovered by the software developer.
Why it matters: Have
you ever heard of "Patch Tuesday"? Of course you have! You're a
Komando.com follower and Kim Komando listener! Many tech companies like
Microsoft, Adobe, Apple and Android issue regular patches for their
software. Many of these repairs are built into operating system updates;
however, if an issue is deemed critical enough, a security patch will
be issued. These security patches are typically in response to zero-day
exploits that have already been utilized by hackers.
17. Pharming
What it means:
Pharming is when cybercrooks design fake websites or pages to look
exactly like their legitimate counterparts, all with the intention of
tricking people into entering private login information.
Why it matters:
Imagine logging into your bank account only to realize that the site
you've just logged into doesn't belong to your bank at all. Think of all
the information you've just handed over: your username, password, email
address, and even your bank account number. Yikes! There's also a
different form of this scam called "Like Farming" on Facebook. Click here to see how this scam works, and why you should be cautious about Liking things on your News Feed.
18. Phishing
What it means: Phishing is an attempt, typically made through an email, to obtain your private information by imitating someone else.
Why it matters:
The scam artists behind phishing schemes go through great lengths to
create an email that appears to be from someone you trust. Sometimes
they pose as people you know, such as the CEO of the company you work
for, and sometimes they pose as legitimate companies like Amazon. Either
way, there are usually signs that the email is fake. Can you spot them?
Take our quiz to find out.
19. Point-of-sale intrusions
What it means:
Point-of-sale intrusions happen when the payment system of a retailer
or other company is compromised, leaving the financial information of
its customers at risk.
Why it matters:
When you swipe your card at a store, use it to book your flight, or
make a hotel reservation, that information is stored somewhere.
Typically, it's stored in the point-of-sale system that particular
company uses for its own financial records. But vulnerabilities in these
systems make them prime targets for hackers, who crack them and make
off with hundreds of thousands of customers' credit card numbers.
20. RAM-scraping malware
What it means: This type of malware is designed to "scrape" your hard drive for sensitive data.
Why it matters:
Just think of all the data you store on your device. From personal
photos to contracts, to leasing agreements, to tax documents - there are
many things that you'd never want to fall into the hands of a hacker.
21. Ransomware
What it means: Ransomware is malicious software that encrypts data found on your computer or gadget until a sum of money is paid.
Why it matters: The
biggest digital threat of the year was ransomware. Researchers say the
total amount paid by victims could hit $1 billion in 2016 alone. These
attacks have become a favorite of scammers, partially because of the
ease of anonymity. Not only is it a faceless attack but the ransom is
usually paid with bitcoin, which makes this a nearly untraceable crime.
There's also a debate in the law enforcement community on whether
victims should pay the ransom. These scammers promise to decrypt your
files once the ransom has been paid, but there's no guarantee that they
will actually do this. Some ransomware attacks discovered this year
actually deleted the victims' data the moment their gadget was infected,
never intending to decrypt it when payment was made. Click here to read an example of that scenario.
22. Social engineering
What it means: Social engineering is when a scammer manipulates someone into giving up their confidential information.
Why it matters: A
social engineer is basically a con artist who interacts with people
trying to get their sensitive data so they can eventually rip them off.
The criminal is typically looking to trick you into giving them your
banking information or credentials into websites. If the scammer is
targeting a business, they will sometimes pretend to be a co-worker with
an urgent problem, asking for help accessing corporate resources. There
are many types of social engineering attacks in the fraudsters arsenal.
They will use such tricks as baiting, phishing, spear phishing and
scareware, just to name a few.
23. Spam
What it means: Spam is unsolicited messages sent via email. More broadly, it refers to any unwanted messages sent electronically.
Why it matters: In
the same way that circulars are placed in every mailbox in the
neighborhood, most spam is a form of advertising that targets large
groups of people. It is annoying but harmless. However, it can clutter
your inbox and occupy your bandwidth. It’s best not to open emails from
people you don’t know or you risk getting a virus. One trick to decrease
the amount of spam in your inbox is to set your spam filters. Click here for quick ways to take control of your Gmail inbox.
24. Spim
What it means: Spim, sometimes stylized as spIM, is spam sent through Instant Messaging (IM)
Why it matters: Spim
tends to be another annoying form of unsolicited advertising. It’s best
not to click links in messages sent by people you don’t know because it
could lead you to a pharming site. If you’ve ever contacted a company
via Facebook Messenger, you may have opened yourself up to receiving
promotional messages from that company. Luckily, there’s a way to block these messages.
25. Spyware
What it means: Spyware is a form of malware that allows unauthorized access to your device and permits someone to spy on you remotely.
Why it matters: Do you ever get that feeling like you're being watched? Spyware is one of the main reasons people have started to cover their webcams with tape or stickers because it allows someone to watch through your webcam or listen in through your microphone.
26. Trojan (or Trojan horse)
What it means: A
trojan horse is a malicious program that pretends to be something else,
usually as legitimate software, to trick people into installing it.
Why it matters: Trojans
are designed to be stealthy and deceptive so they are hard to detect in
plain sight. They can masquerade as anything - office software,
documents, games, videos, music files - usually spread through
peer-to-peer file sharing sites, unauthorized software app stores,
malicious websites/links and attachments spread through email and social
media. Once installed, trojans can execute a myriad of nasty stuff like
spying, data theft and total control of a computer.
27. Virus
What it means: A computer virus is malware that is designed to spread itself via replication and by infecting other computers.
Why it matters: Although
the term "computer virus" is mistakenly used as a catch-all term for
all malicious software, it actually refers to a specific type of malware
that attempts to copy and spread itself to other computers when
executed. Due to this automated replication, computer viruses can slow
your machine down to a crawl, send emails on your behalf without your
consent and even bring down entire networks. Viruses can spread via
email and text attachments, social media links and trojan software.
Although mostly only disruptive in intent, some viruses are financially
motivated as well.
28. Vulnerability
What it means: Vulnerabilities are the weaknesses in software programs or operating systems we mentioned when we talked about "exploits."
Why it matters:
If vulnerabilities aren't found and patched in time, they can be used
by hackers as backdoors that provide access to web-connected devices or
entire networks. Every web-connected device you own is subject to these
vulnerabilities - including your router. In fact, this particular brand of routers was recently found to have major security flaws.
29. Website spoofing
What it means:
Website spoofing is the act of deliberately creating a website designed
to mislead users, making them believe they're on a site, but they're
actually not.
Why it matters: These
sites are often used for pharming scams and can be identified by
differences in the site's URL. If you're headed to Amazon.com, for
example, but accidentally type an extra O in the URL, you could find
yourself on Amazoon.com instead. Spoofed sites will look incredibly
similar to the sites you're really trying to reach, so you should always
confirm the URL is correct before entering in any credit card details
or login credentials.
30. Zero-day exploit
What it means: Zero-day exploits signify vulnerabilities that have already been found by hackers and are being used to initiate various cyberattacks or schemes.Why it matters: If you hear this term, in one of our security alerts, you should pay close attention. Patching these bugs is absolutely critical. Each time a zero-day exploit is found, it means the software developers have been outsmarted by hackers. And, as you can imagine, those hackers are trying to cause as much damage or gather as many pieces of data as possible before they're shut down. Click here for more reasons zero-day exploits are so concerning.
