Security a - z
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
Adware
A form of free software that displays adverts or banners whilst in use. Some adware will collect information about the user in order to display specific or targeted advertisements to the user. If any personal information is collected, with or without the display of adverts, then the software is classed as spyware. If you are unsure of what data is being collected by software, you should run an adware scan.Anti-virus software
Anti-virus software is a program that searches your hard disk for viruses and removes any that are found. Anti-virus software is inherently reactionary and can only "protect" against what it already knows about (hence the need to keep it frequently updated). New viruses spread very quickly so you must update your anti-virus software regularly, on a weekly basis at the very minimum. Ensure that the software is always running. Most anti-virus programs include an auto-update feature that enables the program to download profiles of new viruses so that it can check for the new viruses as soon as possible.Apple
A company based in California, USA known mainly for the digital music player iPod and their desktop computer operating system Mac OS X.
back to topBackdoor
A way of gaining access to a program, online service or an entire computer system. The backdoor is written by the programmer who writes the program and is often only known by himself. A backdoor is a potential security risk as it can be exploited by hackers.Blue screen of death (BSoD)
A bright blue computer display that warns the user of a critical system error. BSoD are usually not recoverable and the system must be turned off and on again to recover. BSoD sometimes have information or codes that should be noted down in order to analyse the problem. If you see a bright blue screen that seems unresponsive, you should copy as much of the information as possible before you seek support on the problem.Broadband
A fast Internet connection, much faster than a standard 56k dial-up modem. The connection is usually 'always on' so you don't have to dial up to the Internet. However, it's a good idea to disconnect from the Internet when not in use to reduce the risk of being exposed to hackers. If a PC is connected all of the time, it is essential that it is fully patched and protected (tips can be found on our security checklist).Browser
Software that is used to display web pages on the Internet. Examples of browsers are: Microsoft® Internet Explorer, Netscape® Navigator, Mozilla®, Firefox, Safari, and Opera®.Cable Modem
A modem designed to operate over cable TV lines. Can be used to achieve extremely fast access to the Internet. Normally uses fibre optic cables for the transmission of data.Chat room
A website or an application that creates virtual rooms where people can talk to each from all over the world. These can be a great place to socialise and talk about a wide range of topics. However, due to the vast amount of people and topics available you should be cautious of allowing children to use chat rooms without your supervision. Always remember not to divulge personal information on chat rooms, even giving out your full name should be avoided.Cookies
A cookie is a text file placed on your hard drive by some web pages that you have visited. Cookies may contain information about you and your preferences. Only the information that you provide, or the choices you make while visiting a website, can be stored in a cookie. For example, the site cannot determine your e-mail address unless you choose to type it. A cookie does not give the website access to the rest of your computer. Only the site that created the cookie can read it.Denial of Service (DoS)
An Internet attack against a website whereby the primary goal of the attack is to deny the victim(s) access to a particular resource. In a mild case, the impact can be unexpectedly poor performance. In the worst case, the server can become so overloaded as to cause a crash of the system. DoS attacks do not usually have theft or corruption of data as their primary motive and will often be carried out by persons who have a grudge against the organisation concerned.Examples include:
- attempts to "flood" a network, thereby preventing legitimate network traffic
- attempts to disrupt connections between two machines, thereby preventing access to a service
- attempts to prevent a particular individual from accessing a service
- attempts to disrupt service to a specific system or person
Driver(s)
A file or collection of files that enable hardware devices to work with your operating system. They are usually supplied with the device, such as a printer, but can be downloaded later from the manufacturer's site.Before installing a new driver you should be sure that it is suitable for the device. If you are unsure, then you should seek the assistance of a professional computer technician.
eBay (or auction website)
A website that enables people to buy and sell goods in an auction fashion over the Internet.e-mail Spoofing
A forged e-mail header to make it appear as if an e-mail came from somewhere or someone other than the actual source. The e-mail may look as if it came from your best friend or your bank when, in fact, it has been created by someone else unknown to you. This can be spam e-mail or an e-mail with malicious intent. In some jurisdictions, e-mail spoofing anyone other than yourself is illegal.Encryption
Encryption is the transformation of making data unreadable to everyone except the receiver. For example, it is often used to make the transmission of credit card numbers secure for those who are shopping on the Internet. When you visit a secure website, the web address starts with "https" and your browser displays a padlock icon on the status bar.Executable / .exe
The term 'executable' refers to a file that can be 'run' by a computer. Such software programs are usually identified by the suffix (or file extension - see below) '.exe'.Exploit
An exploit is a known bug, glitch, hack or vulnerability that can be taken advantage of in order to compromise the security of a computer system. Exploits are usually stopped by applying patches or updates to the software or operating system, or by using a firewall to stop the flow of data back and forth from such an exploit.Filename Extensions
One or several letters at the end of a filename (the name of a file). Filename extensions usually follow a dot (full stop) and indicate the type of information stored in the file. For example, in the filename flower.jpg, the extension is jpg, which indicates that the file is a photograph file. Before you save anything from the Internet, be sure that it is the type of file that you are expecting to receive.Firewall (software)
A small program that helps protect your computer and its contents from outsiders on the Internet or network. Will prevent unauthorised traffic to and from your PC. They also keep logs of all activity, which may be used in investigations. There are many effective programs to choose from. Common commercial examples are: F-Secure, Zone Labs, Symantec (Norton), McAfee and Computer Associates. In many cases there is a freeware version of commercial software that is free of charge for personal users.Hacker
Someone who breaks into your computer (or into a network of computers) over the Internet.Home Page
The first page on a website, which introduces the site and provides the means of navigation. It is also the web page a user's browser is configured to load each time it is started. This will typically default to the home page (see above) of the organisation that produced or distributed the browser, e.g. Microsoft, Wanadoo, Yahoo, etc.Hot-fix
A patch or an upgrade that has been quickly released to fix a vulnerability, or exploit on a piece of software or operating system. These usually will only have the purpose of fixing one known bug at a time, and will be superseded with a proper patch or upgrade later on that includes many fixes.HTTPS
See Secure Sessions.Identity Theft
Identity theft is a crime in which a fraudster obtains key pieces of personal information, such as date of birth, bank details, or driver's licence numbers, in order to impersonate someone else. The personal information discovered is then used illegally to apply for credit, purchase goods and services, or gain access to bank accounts. Fraudsters often take advantage of people's natural inclination to choose passwords that are meaningful to them but can be easily guessed (children's names, pet names, addresses, or birth dates). Stealing wallets used to be the best way identity thieves obtained driver's licences, credit card numbers and other pieces of identification. Although they still do this, identity thieves now use more sophisticated means:- rummaging in dustbins for un-shredded credit card and loan applications, bank statements and documents containing data such as your National Insurance number
- stealing mail to obtain newly issued credit/debit cards, bank and credit card statements, pre-approved credit offers, investment reports, insurance statements, benefits documents, or tax information
- accessing your credit record fraudulently, for example, by posing as an employer, loan officer, or landlord
- obtaining names and personal data from personnel or customer files in the workplace
- "shoulder surfing" at ATM machines in order to capture PIN numbers
- finding identifying information on Internet sources, via public records sites and fee-based information broker sites
Internet Café / Web Café
A public computer terminal that is supplied by a private or local community provider for free or for a small charge that members of the public can use to access the Internet. Despite the name, the term Café is sometimes used even when there is no such service provided.Such terminals can be found in libraries, public houses, fast food establishments, hotels and even in phone boxes on the street.
People may also refer to these as a "Wireless Hotspot" if people are able to bring their own wireless laptop computer to use rather than the provided systems.
Internet Explorer
A popular web browser provided with Windows Operating system. Sometimes referred to as "the blue E", or incorrectly known as "the Internet".Internet Service Provider - ISP
An Internet Service Provider, commonly referred to as an 'ISP', is a company which provides access to the Internet, plus a range of services such as e-mail and the hosting (running) of personal and corporate websites. Examples of ISPs are: BT, Wanadoo, AOL, Tiscali, Virgin Net, Blueyonder & NTL.IP Spoofing
A technique giving an attacker unauthorised access to a computer or a network by making it appear that a malicious message has come from a trusted host by "spoofing" (forging) the IP address of that host.Keystroke Capturing/Key Logging
Anything you type on a computer can be captured and stored. This can be via a hardware device attached to the PC or by software running on the machine. Keystroke logging is often used by fraudsters to capture personal details including passwords. Some recent viruses and Trojans are capable of installing such software without the user's knowledge. The risk of encountering such keystroke logging is greater on PCs shared by a number of users, such as those in Internet Cafés. Up to date anti-virus software and an up to date firewall may help capture these viruses and Trojans before they deploy the software. Also, running anti-spyware software would reveal the presence of any such software on your PC.Laptop
A portable computer that is light enough and small enough to be placed on one's lap, usually with the features and specifications of normal desktop computers. Laptops are most suitable for travellers, business people and users that desire the mobility to move their computer around the home easily.Linux
A computer operating system that can be downloaded and used straight away or it can edited and recompiled, mostly for free. There are many varieties and flavours of Linux and it is recommended to do a little research before considering changing if you are already used to a different operating system.Mac (Apple Macintosh)
An operating system made by the computer company Apple. As of 2005, the latest version of Mac was OS X 10.4, known as Tiger. Version 10.5, known as Leopard is planned to be released in 2006 or 2007.Macro Virus
A type of computer virus that is encoded as a macro embedded in a document. Many applications, such as Microsoft Word and Excel, support powerful macro languages. These applications allow you to embed a macro in a document, and have the macro execute each time the document is opened. According to some estimates, 75% of all viruses today are macro viruses. Once a macro virus gets onto your machine, it can embed itself in all future documents you create with the application. Anti-virus programs can protect your system against most macro viruses, although new ones are always being created that slip by the anti-virus filters.Malicious Code
Malicious code describes any program (including macros and scripts) which is deliberately coded in order to cause an unexpected and unwanted event on a user's PC. Your PC could simply be infected with a virus whilst you are innocently browsing a new website. Such attacks use HTML, the code used for websites and, within this code, the pay load is then executed. The threat is that HTML is not only found on websites, but can also be used to format and present the text of an e-mail. This means that simply opening an e-mail encoded in HTML, could deliver its pay load with no user intervention at all. The solution is to run both a top rate anti-virus program and also a malicious code detection system which is able to constantly monitor the behaviour of downloaded "content" (e.g. a "harmless" page from a website) including executable files (.exe) and scripts.Modem
A piece of communications equipment, which enables a computer to send transmissions through normal telephone lines or fibre optic cables.Mozilla
A software company that produces the web browser known as Firefox and the e-mail client known as Thunderbird. Their software is not usually supplied by default on home user PC systems, but can be downloaded easily from the Mozilla website.
Mules
For information on money mule scams visit this page.
Opera
An alternative web browser supplied by a company of the same name. This software is not usually supplied as default on home user PC systems, but can be downloaded easily from the Opera website.Patch
Similar to a 'Fix', a Patch is a temporary arrangement used to overcome software problems or glitches. A patch will normally be released as a 'quick fix' prior to the next formal release of the software. Patches are usually (but not always) available online from the vendor's website. Caution: A patch will usually (but not always) be an incremental addition to an assumed software version, i.e. the patch will assume that the software already installed is version 'x'. It is critical that the patch is applied carefully and that the software version to which it applies is confirmed.Payload
The 'active' element of a virus. Some payloads are extremely malevolent, others merely childish, while yet others appear to have no real payload at all, simply reproducing or attaching themselves to existing files all over the place and filling up hard disks with clutter.PayPal
A method of paying someone for goods or services over the Internet. This method of payment is common to auction websites and is popular because you do not always have to give the other person your personal banking details. You make a payment to the person's e-mail address over paypal, and they can log in to retrieve the money at their convenience.Phishing
Pronounced "fishing". The act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. The e-mail directs the user to visit a website where they are asked to update personal information, such as passwords, credit card details, social security details and bank account numbers, that the legitimate organisation already has. The website, however, is bogus and set up only to steal the user's information. 2003 saw the proliferation of a phishing scam in which users received an e-mail supposedly from eBay claiming that the user's account was about to be suspended unless they clicked on the provided link and updated their credit card information. Because it is relatively simple to make a website look like a legitimate organisation's site by mimicking the HTML code, the scam counted on people being tricked into thinking they were actually being contacted by eBay and were subsequently going to eBay's site to update their account information. By spamming large groups of people, the "phisher" counted on the e-mail being read by a percentage of people who actually had listed credit card numbers with eBay legitimately. Phishing is a variation on "fishing", the idea being that bait is thrown out with the hopes that while most will ignore the bait, some will be tempted into biting.Port (Hardware)
An interface on a computer to which you can connect a device. Personal computers have various types of ports. Internally, there are several ports for connecting disk drives, display screens, and keyboards. Externally, personal computers have ports for connecting modems, printers, mice, and other peripheral devices.Port (Network)
A network port is a "doorway" on a computer system that is used for communication with another computer system or device. Programs are developed to use different ports so that communications are separate from each other.Port Scanning
The act of systematically scanning a computer's ports. Since a port is a place where information goes into and out of a computer, port scanning identifies open doors to a computer. Port scanning has legitimate uses but it can also be malicious in nature if someone is looking for a weakened access point to break into your computer. There is no way to stop someone from port scanning your computer while you are on the Internet because accessing an Internet server opens a port, which opens a door to your computer. There are, however, software products that can stop a port scanner from doing any damage to your system.Quarantine
Defensive tactic employed against viruses. Anti-virus software can often detect viruses which it cannot repair automatically. In such cases the simplest option is to delete the file, but better quality anti-virus programs offer the option to Quarantine the file. This involves removing the file from its current location, encrypting it, and locking it in the quarantine area, i.e. part of the disk which is not accessible by any application except the anti-virus program, and certain disk utility tools. Once in quarantine the anti-virus utility programs may be able to open the file and examine the contents to allow a user to extract any useful information, or, if sufficiently skilled, to remove the virus and effect a manual repair of the file.Safari
A popular web browser that is usually supplied and installed by default on Apple Mac desktop computers.Screen reader
A piece of software that helps make websites and computer applications more accessible. The software will read the web page or program to the user and help them navigate around using shortcut keys.Secure Session
When you log in to Internet Banking you are said to be in a "secure session". SSL technology (see below) is used to encrypt information before it leaves your computer to ensure that no one else can read it. Depending on your browser settings, an alert may appear to notify you that you will be entering a secure page. Making purchases from a secure web server ensures that a user's payment or personal information can be translated into a secret code that's difficult to crack. You will know that you are on a 'secure' page when you see the 'https://' (as opposed to the standard 'http://') before the web address. You will also see a closed padlock symbol somewhere in the status bar or toolbar of your browser window.Secure Socket Layer (SSL)
Secure Socket Layer (SSL) protocol provides a high level of security for Internet communications. It provides an encrypted communications session between your web browser and a web server. SSL also helps to ensure that sensitive information (e.g. credit card numbers, account balances and other financial and personal data) sent over the Internet between your browser and a web server remains confidential during online transactions.Shoulder Surfing
Looking over a user's shoulder as they enter a password. This is one of the easiest ways of obtaining a password to breach system security. The practice is used wherever passwords, PINs, or other ID codes are used. Be aware of people behind you at the Internet Café or ATM.Social Networking
Examples of social networking sites include Facebook, MySpace and Bebo, for further information on these sites and how to stay safe using them visit getsafeonline.org
Spam
Computer Spam is the electronic equivalent of Junk Mail. Companies and individuals who previously sent sales literature through the postal system have turned to Spam as a means of delivering (usually) worthless messages at a fraction of the cost. Given the huge databases now held on computers around the world, 'Spammers' can send literally hundreds of thousands of messages for a few pence. Some companies consider this to be a 'better' use of their marketing budgets than the traditional routes.Spoofing
The interception, alteration, and re-transmission of data (in an attempt) to fool the recipient.Spyware
Any software that covertly gathers user information through the user's Internet connection without his or her knowledge, usually for advertising purposes. These programs often arrive as hidden components of "free" programs. However, it should be noted that the majority of shareware and freeware applications do not come with spyware. Once installed, the spyware monitors user activity on the Internet and transmits that information in the background to someone else. It monitors web usage and reports back to bona-fide companies who may then sell the collective statistics. Spyware can also gather information about e-mail addresses and even passwords and credit card numbers. They are relatively benign but in their more extreme forms can include key-stroke logging and virtual snooping on all your PC activity. Spyware uses memory and system resources and the applications running in the background can lead to system crashes or general system instability. Because spyware exists as independent executable programs, they have the ability to do the following:- monitor keystrokes
- scan files on the hard drive
- snoop other applications such as chat programs or word processors
- install other spyware programs
- read cookies
- change the default home page on the web browser
- relay this information back to the spyware author
Stealth Virus
A computer virus that actively hides itself from anti-virus software by either masking the size of the file that it hides in, or temporarily removing itself from the infected file and placing a copy of itself in another location on the drive, replacing the infected file with an uninfected one that it has stored on the hard drive.Trojan Horse
A Trojan Horse is a malicious, security-breaking program that is disguised as something benign, such as a game or even a program to search and destroy viruses! A Trojan is a type of virus which normally requires a user to perform some action before the payload can be activated. An example is where an e-mail is received with an attachment which purports to be the CV of a lady seeking employment. A CV is actually attached, but embedded within it is a macro-virus which activates the Trojan program as soon as the document is opened for viewing. If the attachment is not opened, the virus cannot deliver the payload and no damage is done. A basic defence against all viruses is a strict policy that e-mail attachments should not be opened until they have been checked by an anti-virus scanner. As viruses travel from PC to PC, they often take random addresses from the user's e-mail program address book. Therefore, an infected e-mail can come from someone you recognise, so trust nothing or no one!Upgrade
The process of replacing a version of software (or hardware) with a newer product release designed to meet new requirements, or generally improve performance. A new software release may introduce better security.URL
URL or Uniform Resource Locator is the technical term for the location (or address) of a file or resource on the Internet. An example URL using the http protocol is: http://www.nationwide.co.ukVista (Microsoft Windows Vista)
Windows Vista is Microsoft's current client version of the Windows operating system for home and office users. Vista was released to the general public on January 30th 2007.Virus
A virus is a form of malicious code and is potentially disruptive. It may also be transferred unknowingly from one computer to another. The term Virus includes all sorts of variations on a theme, including the nastier variants of macro-viruses, Trojans, and Worms. For convenience, all such programs are classed simply as 'virus'. Viruses are a common problem for home/office PCs and organisation owned servers. As at September 2005, there are over 60,000 known viruses. Fortunately the great majority of these are classed as 'rare' and usually appear only in virus research centre files. However, that still leaves nearly 5,000 viruses, classed as 'common', roaming the world's computer networks, so there is absolutely no room for complacency. They tend to fall into 3 groups:- Dangerous: which do real, sometimes irrevocable, damage to a computer's system files, and the programs and data held on the computer's storage media, as well as attempting to steal and transmit user ID and password information in order to obtain money
- Childish: which do not, generally, corrupt or destroy data, programs, or boot records, but restrict themselves to irritating activities such as displaying childish messages, playing sounds, flipping the screen upside down, or displaying animated graphics
- Ineffective: those, such as 'Bleah', which appear to do nothing at all except reproduce themselves, or attach themselves to files in the system, thereby clogging up the storage media with unnecessary clutter. Some of these viruses are ineffective because of badly written code, - they should do something, but the virus writer didn't get it quite right
Within all types there are some which operate on the basis of a 'triggered event' usually a date such as April 1st, or October 31st, or a time such as 15:10 each day when the 'Tea Time' virus activates.