Term
|
Definition
the unauthorized access, modification, or use of an electronic device or some element of a computer system |
|
|
Term
|
Definition
short for robot network; a network of powerful and dangerous hijacked computers |
|
|
Term
|
Definition
gaining control of a computer to carry out illicit activities without the user's knowledge |
|
|
Term
|
Definition
bot herders install software that responds to the hacker's electronic instructions onto unwitting PCs. |
|
|
Term
|
Definition
another word for hijacked computers |
|
|
Term
|
Definition
botnets are used to perform this attack, which is designed to make a resource unavailable to its users |
|
|
Term
|
Definition
e-mailing or texting an unsolicited message to many people at the same time, often in an attempt to sell something |
|
|
Term
|
Definition
harvesting attacks; spammers use special software to guess addresses at a company and send blank e-mail messages. Messages not returned usually have valid e-mail addresses and are added to spammer e-mail lists. |
|
|
Term
|
Definition
techniques, usually psychological tricks, used to gain access to sensitive data or information, or to secure systems or locations |
|
|
Term
|
Definition
any software which can be used to do harm |
|
|
Term
|
Definition
making an electronic communication look as if someone else sent it to gain the trust of the recipient |
|
|
Term
|
Definition
making an email appear as though it originated from a different source |
|
|
Term
Address Resolution Protocol Spoofing |
|
Definition
sending fake ARP messages to an Ethernet LAN |
|
|
Term
|
Definition
sniffing the ID of a domain name system (DNS) request and replying before the real DNS server can |
|
|
Term
zero-day attack
(zero-hour attack) |
|
Definition
an attack between the time a new software vulnerability is discovered and the time a software developer releases a patch that fixes the problem. |
|
|
Term
Cross-site scripting (XSS) |
|
Definition
a vulnerability in dynamic web pages that allows an attacker to bypass a browser's security mechanisms and instruct the victim's browser to execute code, thinking it came from the desired web site |
|
|
Term
|
Definition
happens when the amount of data entered into a program is greater than the amount of the memory set aside to receive it. |
|
|
Term
SQL injection (insertion) |
|
Definition
malicious code in the form of an SQL query is inserted into input so it can be passed to and executed by an application program |
|
|
Term
|
Definition
places a hacker between a client and a host and intercepts network traffic between them. |
|
|
Term
|
Definition
Penetrating system security to steal passwords |
|
|
Term
|
Definition
Computer automatically dials phone numbers looking for modems. |
|
|
Term
|
Definition
Attacks on phone systems to obtain free phone service. |
|
|
Term
|
Definition
Making changes to data before, during, or after it is entered into a system. |
|
|
Term
|
Definition
Unauthorized copying of company data. |
|
|
Term
Strong Password Characteristics |
|
Definition
- at least 10 characters
- include upper/lower case letters, digits, special characters
- phrases are effective
(names and birthdays are easily cracked) |
|
|
Term
|
Definition
Taking small amounts from many different accounts. |
|
|
Term
|
Definition
the theft of information, trade secrets, and intellectual property |
|
|
Term
|
Definition
the act of disrupting electronic commerce and harming computers and communications. |
|
|
Term
|
Definition
Using the Internet to spread false or misleading information |
|
|
Term
|
Definition
Using an Internet auction site to defraud another person |
|
|
Term
|
Definition
all interest calculations are truncated at two decimal places and the excess decimals put into an account the perpetrator controls |
|
|
Term
Social Engineering Techniques |
|
Definition
- Identity Theft
- Pretexting
- Phishing
- Typosquatting
- Scavenging
- Shoulder Surfing |
|
|
Term
|
Definition
threatening to harm a company or person if a specified amount of money is not paid. |
|
|
Term
|
Definition
using the internet to pump up the price of a stock and then selling it. |
|
|
Term
|
Definition
manipulating click numbers to inflate advertising bills |
|
|
Term
|
Definition
Capturing ATM PIN and card numbers |
|
|
Term
|
Definition
double-swiping a credit card |
|
|
Term
|
Definition
planting a device to read credit card information in a credit card reader |
|
|
Term
|
Definition
creating a seemingly legitimate business, collecting personal information while making a sale, and never delivering the product |
|
|
Term
|
Definition
sending an electronic message pretending to be a legitimate company, usually a financial institution, and requesting information or verification of information and often warning of some dire consequence if it is not provided |
|
|
Term
|
Definition
refers to activities performed on stolen credit cards, including making a small online purchase to determine whether the card is still valid and buying and selling stolen credit card numbers |
|
|
Term
|
Definition
redirecting web site traffic to a spoofed web site |
|
|
Term
|
Definition
a wireless network with the same name as a legitimate wireless access point |
|
|
Term
|
Definition
setting up similarly named web sites so that users making typographical errors when entering a web site name are sent to an invalid site |
|
|
Term
|
Definition
secretly changing an already open browser tab |
|
|
Term
Scavenging; dumpster diving |
|
Definition
gaining access to confidential information by searching documents and records |
|
|
Term
|
Definition
perpetrators look over a person's shoulders in a public place to get information |
|
|
Term
|
Definition
any software that can be used to do harm |
|
|
Term
|
Definition
software that secretly monitors and collects personal information about users and sends it to someone else |
|
|
Term
|
Definition
spyware that pops banner ads on a monitor, collects information about the user's web-surfing and spending habits, and forwards it to the adware creator |
|
|
Term
|
Definition
malware company creates software to attack a competitor's malware |
|
|
Term
|
Definition
software that is often malicious and of little or no benefit that is sold using scare tactics |
|
|
Term
|
Definition
a set of malicious computer instructions in an authorized and otherwise properly functioning program |
|
|
Term
|
Definition
hide data files inside a host file, such as a large image or sound file |
|
|
Term
|
Definition
the unauthorized use of special system programs to bypass regular system controls and perform illegal acts, all without leaving an audit trail |
|
|
Term
|
Definition
segment of self-replicating, executable code that attaches itself to a file or program |
|
|
Term
|
Definition
like a virus, except worms harm networks instead of infecting files or data on a targeted computer.
The Code Red worm used a buffer overflow to exploit a hole in Microsoft's Internet Information Services |
|
|
Term
|
Definition
stealing contact lists, images, and other data using Bluetooth |
|
|
Term
|
Definition
taking control of someone else's phone to make or listen to calls, send or read text messages, connect to the internet, forward the victim's calls, and call numbers that charge fees |
|
|