Term
|
Definition
| the unauthorized access, modification, or use of an electronic device or some element of a computer system |
|
|
Term
|
Definition
| short for robot network; a network of powerful and dangerous hijacked computers |
|
|
Term
|
Definition
| gaining control of a computer to carry out illicit activities without the user's knowledge |
|
|
Term
|
Definition
| bot herders install software that responds to the hacker's electronic instructions onto unwitting PCs. |
|
|
Term
|
Definition
| another word for hijacked computers |
|
|
Term
|
Definition
| botnets are used to perform this attack, which is designed to make a resource unavailable to its users |
|
|
Term
|
Definition
| e-mailing or texting an unsolicited message to many people at the same time, often in an attempt to sell something |
|
|
Term
|
Definition
| harvesting attacks; spammers use special software to guess addresses at a company and send blank e-mail messages. Messages not returned usually have valid e-mail addresses and are added to spammer e-mail lists. |
|
|
Term
|
Definition
| techniques, usually psychological tricks, to gain access to sensitive data or information; used to gain access to secure systems or locations |
|
|
Term
|
Definition
| any software which can be used to do harm |
|
|
Term
|
Definition
| making an electronic communication look as if someone else sent it to gain the trust of the recipient |
|
|
Term
|
Definition
| making an email appear as though it originated from a different source |
|
|
Term
| Address Resolution Protocol Spoofing |
|
Definition
| sending fake ARP messages to an Ethernet LAN |
|
|
Term
|
Definition
| sniffing the ID of a domain name system request and replying before the real DNS server can |
|
|
Term
| zero-day attack (zero-hour attack) |
|
Definition
| an attack between the time a new software vulnerability is discovered and the time a software developer releases a patch that fixes the problem. |
|
|
Term
| Cross-site scripting (XSS) |
|
Definition
| a vulnerability in dynamic web pages that allows an attacker to bypass a browser's security mechanisms and instruct the victim's browser to execute code thinking it came from the desired web site |
|
|
Term
|
Definition
| happens when the amount of data entered into a program is greater than the amount of the memory set aside to receive it. |
|
|
Term
| SQL injection (insertion) |
|
Definition
| malicious code in the form of an SQL query is inserted into input so it can be passed to and executed by an application program |
|
|
Term
|
Definition
| places a hacker between a client and a host and intercepts network traffic between them. |
|
|
Term
|
Definition
| Penetrating system security to steal passwords |
|
|
Term
|
Definition
| Computer automatically dials phone numbers looking for modems. |
|
|
Term
|
Definition
| Attacks on phone systems to obtain free phone service. |
|
|
Term
|
Definition
| Making changes to data before, during, or after it is entered into a system. |
|
|
Term
|
Definition
| Unauthorized copying of company data. |
|
|
Term
| Strong Password Characteristics |
|
Definition
- at least 10 characters
- include upper/lower case letters, digits, special characters
- phrases are effective
(names and birthdays are easily cracked) |
|
|
Term
|
Definition
| Taking small amounts from many different accounts. |
|
|
Term
|
Definition
| the theft of information, trade secrets, and intellectual property |
|
|
Term
|
Definition
| the act of disrupting electronic commerce and harming computers and communications. |
|
|
Term
|
Definition
| Using the Internet to spread false or misleading information |
|
|
Term
|
Definition
| Using an Internet auction site to defraud another person |
|
|
Term
|
Definition
| all interest calculations are truncated at two decimal places and the excess decimals put into an account the perpetrator controls |
|
|
Term
| Social Engineering Techniques |
|
Definition
- Identity Theft
- Pretexting
- Phishing
- Typosquatting
- Scavenging
- Shoulder Surfing |
|
|
Term
|
Definition
| threatening to harm a company or person if a specified amount of money is not paid. |
|
|
Term
|
Definition
| using the internet to pump up the price of a stock and then selling it. |
|
|
Term
|
Definition
| manipulating click numbers to inflate advertising bills |
|
|
Term
|
Definition
| Capturing ATM PIN and card numbers |
|
|
Term
|
Definition
| double-swiping a credit card |
|
|
Term
|
Definition
| planting a device to read credit card information in a credit card reader |
|
|
Term
|
Definition
| creating a seemingly legitimate business, collecting personal information while making a sale, and never delivering the product |
|
|
Term
|
Definition
| sending an electronic message pretending to be a legitimate company, usually a financial institution, and requesting information or verification of information and often warning of some dire consequence if it is not provided |
|
|
Term
|
Definition
| refers to activities performed on stolen credit cards, including making a small online purchase to determine whether the card is still valid and buying and selling stolen credit card numbers |
|
|
Term
|
Definition
| redirecting web site traffic to a spoofed web site |
|
|
Term
|
Definition
| a wireless network with the same name as a legitimate wireless access point |
|
|
Term
|
Definition
| setting up similarly named web sites so that users making typographical errors when entering a web site name are sent to an invalid site |
|
|
Term
|
Definition
| secretly changing an already open browser tab |
|
|
Term
| Scavenging; dumpster diving |
|
Definition
| gaining access to confidential information by searching documents and records |
|
|
Term
|
Definition
| perpetrators look over a person's shoulders in a public place to get information |
|
|
Term
|
Definition
| any software that can be used to do harm |
|
|
Term
|
Definition
| software that secretly monitors and collects personal information about users and sends it to someone else |
|
|
Term
|
Definition
| spyware that pops banner ads on a monitor, collects information about the user's web-surfing and spending habits, and forwards it to the adware creator |
|
|
Term
|
Definition
| malware company creates software to attack a competitor's malware |
|
|
Term
|
Definition
| software that is often malicious and of little or no benefit that is sold using scare tactics |
|
|
Term
|
Definition
| a set of malicious computer instructions in an authorized and otherwise properly functioning program |
|
|
Term
|
Definition
| hide data files inside a host file, such as a large image or sound file |
|
|
Term
|
Definition
| the unauthorized use of special system programs to bypass regular system controls and perform illegal acts, all without leaving an audit trail |
|
|
Term
|
Definition
| segment of self-replicating, executable code that attaches itself to a file or program |
|
|
Term
|
Definition
| like a virus, except worms harm networks instead of infecting files or data on a targeted computer. The Code Red worm used a buffer overflow to exploit a hole in Microsoft's Internet Information Services |
|
|
Term
|
Definition
| stealing contact lists, images, and other data using Bluetooth |
|
|
Term
|
Definition
| taking control of someone else's phone to make or listen to calls, send or read text messages, connect to the internet, forward the victim's calls, and call numbers that charge fees |
|
|