Glossary
Certain terms used to describe online threats can be
confusing. Here's an easy understand glossary of commonly used words that
are related to Internet security.
Virus: A program that replicates itself
across a network, or the Internet. The virus payload may be destructive,
like deleting files, or it could simply try to overwhelm a network by
copying itself. A Virus typically spreads itself by attaching itself
to emails that it sends out using your address book on your computer.
The virus will randomize the To: and From: fields of the email it sends
out in order to keep people in your address book from realizing and
warning you that YOU are the culprit that has been sending all that
virus-infected email to them. In general do not open any attachments
unless you are expecting something from someone you know.
Virus signature: The "fingerprints" of a
virus, which antivirus programs use to identify and isolate viruses. Users
should regularly update their antivirus programs online to download the
latest virus signatures, so they're protected against new viruses.
Typically most virus software companies give you a 1-year subscription to
their servers to download these virus signatures. BEFORE this
subscription expires you must renew your subscription in order to keep
your virus signatures up-to-date. Anywhere from 2 to 10 new viruses are
discovered each day and if you do not have the latest virus signatures
your chances of getting infected increase every day.
Worm: A virus that replicates itself without
human intervention. If the victim has to open an e-mail attachment to get
infected, it's a virus. But if it scans for new victims and attacks by
itself, it's a worm. Worms spread through a network and will
typically infect every computer attached to that network unless that
computer is protected by some Antivirus software.
Trojan: A program that doesn't necessarily
replicate itself, but like the legendary wooden "Trojan horse" is much
more than it appears. A Trojan program might look like a game, but instead
it steals your personal information and sends it to a criminal.
Password sniffer: A file that seeks out
passwords on your computer, then sends them to a hacker. A keylogger can
also grab anything typed on the keyboard.
Blended threat: A program that combines the
characteristics of viruses, worms and Trojan horses. An example of a
blended threat was the the Nimda virus outbreak.
Exploit: A program that takes advantage of a
security hole in a computer program, like Microsoft Windows or AOL Instant
Messenger.
Spyware / Adware: General terms for a program
that surreptitiously monitors your actions. While they are sometimes
sinister, like a remote control program used by a hacker, software
companies have been known to use spyware to gather data about customers.
Spyware typically seizes a great deal of your CPU's processing time and
Internet bandwidth eventually slowing your computer down to a point that
it will be rendered useless to you. A main source of spyware comes
from allegedly free programs that you be download off the Internet.
One of the primary sources of spyware is from free versions of Music
Sharing programs such as Kazaa, Morphis, Bearshare, Limewire, Madster,
Grokster, and WinMX to name a few. Even Real Player and Windows
Media Player have components that are considered spyware. My
recommendation is to use the purchased (non-adware supported) versions of
these sharing programs.
Firewall: Software or hardware that monitors
incoming and outgoing Internet traffic to your computer and checks for
suspicious patterns. A firewall may alert you to spyware or a Trojan
installed on your computer.
Hacker: A hacker is a person who creates
and modifies computer software and hardware, including computer
programming, administration, and security-related items. This can be
done for either negative or positive reasons. Criminal hackers create
malware in order to commit crimes. Also see: malware, cyber criminals,
cyber gangs.
Keylogger: Keyloggers are malicious
programs that record the key strokes a user types on their PC, including
instant message and email text, email addresses, web sites visited,
passwords, credit card and account numbers, addresses, and other private
data.
Malware: Malware is a generic term used to
describe malicious software such as viruses, Trojan horses, spyware, and
malicious active content.
Macro: A macro is a series of instructions designed to simplify
repetitive tasks within a program such as Microsoft Word, Excel, or
Access. Macros execute when a user opens the associated file.
Microsoft's latest macro programming language is simple to use,
powerful, and not limited to Word documents. Macros are in mini-programs
and can be infected by viruses. Also see: macro virus.
Macro virus: A macro virus is a malicious
macro. Macro viruses are written in a macro programming language and
attach to a document file such as Word or Excel. When a document or
template containing the macro virus is opened in the target application,
the virus runs, does its damage, and copies itself into other documents.
Continual use of the program results in the spread of the virus.
Real-time virus scanner: A real-time
scanner is an anti-virus software application that operates as a
background task, allowing the computer to continue working at normal
speed while it works. Also see: on-access scanner.
On-access scanner: An on-access scanner is a real-time virus
scanner that scans disks and files automatically in the background as
the computer accesses the files.
On-demand scanner:
An on-demand scanner is a virus scanner the user starts manually.
Most on-demand scanners allow the user to set various configurations and
to scan specific files, folders, and disks.
Phishing:
A way of attempting to acquire sensitive information
such as usernames, passwords and credit card details by masquerading as
a trustworthy entity in an electronic communication. Communications
purporting to be from popular social web sites, auction sites, online
payment processors or IT administrators are commonly used to lure the
unsuspecting public. Phishing is typically carried out by e-mail or
instant messaging, and it often directs users to enter details at a fake
website whose look and feel are almost identical to the legitimate one.
Phishing is an example of social engineering techniques used to fool
users,and exploits the poor usability of current web security
technologies. Attempts to
deal with the growing number of reported phishing incidents include
legislation, user training, public awareness, and technical security
measures.
Spam Filtering:
The processing of email to organize it according to specified criteria.
Most often this refers to the automatic processing of incoming messages,
but the term also applies to the intervention of human intelligence in
addition to anti-spam techniques, and to outgoing emails as well as
those being received. Spam filtering software inputs email. For its
output, it might pass the message through unchanged for delivery to the
user's mailbox, redirect the message for delivery elsewhere, or even
throw the message away. Some mail filters are able to edit messages
during processing.
Copyright © 2011
GRQ Innovations, Inc.
|