Understanding Cyber Crime Terms
Confused about the terms you run into when reading stories in Lavasoft News or other cyber security articles? Sometimes the wording used in the tech industry can sound like a language of its own. Below, Lavasoft News has compiled a glossary of key terms that will help you to make sense of the lingo of cyber crime.
Botnet:
a network of compromised, or infected, computers that hackers have commandeered. PCs in a botnet are under the remote command and control of hackers.
Carder/Carding:
a carder is a person who steals, buys or sells credit card information. Carding is theft or a scam carried out using a credit card.
Command and control servers:
in terms of online crime, this phrase is sometimes used to refer to the heart of a botnet operated by cyber criminals.
DDoS:
a Distributed Denial of Service attack (DDoS) is a means of attacking a remote system by bombarding it with traffic from many other computers, typically launched using the compromised systems of Internet user through botnets. DDoS attacks have been used by criminals as part of extortion scams.
Exploit:
a vulnerability or bug in software used to take advantage of a user's system to gain unauthorized access.
Hacker:
those skilled in computer security systems; the term often describes those who break into computer systems to pilfer or destroy data. "White hat" hacker describes those that use their skills in a positive way, while "black hat" hackers use their expertise for online crime or destruction.
IRC:
Internet Relay Chat (IRC) is a type of real-time Internet messaging, designed mainly for group discussion forums. The system is also used by cyber criminals, like bot herders.
Money mule:
someone who cashes out on the information gleaned from cyber crimes, turning the details into real world currency, in exchange for a commission of the proceeds.
Personally identifiable information:
information concerning an identified or identifiable individual, the collection, use or disclosure of this information is something the individual would ordinarily want to control.
Phishing:
attempting to entice users into disclosing personal or financial information by appearing to be a trustworthy or familiar source; usually carried out by instant message or e-mail.
Proxy server:
a server that acts as a buffer between requests from clients looking for resources from other servers. Cyber criminals use proxy servers to remain anonymous and connect to the Internet without allowing others to find their tracks.
Social engineering:
when users are manipulated into performing certain actions or disclosing confidential information.
Spoofing:
in terms of websites, spoofing entails creating a fraudulent site in order to mislead site visitors into believing it was creating by a different, or legitimate organization; the spoofed site often poses as the targeted website by mimicking the design or URL.
To see a full glossary of malware terms, visit the Lavasoft Security Center.
References
http://www.smh.com.au/news/technology/cyber-thieves-stealing-billions/2008/10/08/1223145446451.html
http://news.bbc.co.uk/2/hi/uk_news/5400052.stm
http://www.lavasoft.com/support/-spywareeducationcenter/spyware_glossary.php
www.wikipedia.org
|
