Cyber Security Terminology
Cyber security is a concern for all technology users, and hackers and scammers are finding new ways to scam and hack consumers and businesses. Sometimes the terminology can be hard to understand, so this blog is designed to give you the plain English definition of current hacking and scamming terms.
Baiting - A type of social engineering attack where a scammer uses a false promise to lure a victim into a trap which may steal personal and financial information or inflict the system with malware. The trap could be in the form of a malicious attachment with an enticing name.
Botnet - A botnet (short for “robot network”) is a network of computers infected by malware that are under the control of a single attacking party, known as the “bot-herder.” Each individual machine under the control of the bot-herder is known as a bot.
Distributed Denial of Service (DDoS) - this is a type of cyber attack that floods a target system with traffic, causing it to become overwhelmed and unavailable to users. DDoS attacks are typically carried out using a network of compromised devices called a botnet.
Domain Hacking – Where an intruder hacks your website/domain by blocking your domain name system (DNS) and putting their own website in its place.
Dumpster Diving – Where important information (for example a password) is retrieved by searching through discarded media. This can be physical (going through the rubbish) or electronically, by entering a system and looking at archived files.
Encryption - a technique used to protect data by transforming into a coded format that can only be read by someone who has the key to unlock it. Encryption is commonly used to secure sensitive information such as passwords, credit card details, and other personal information.
Fatigue attack – If a user has “push notifications” for their multi factor authentications (those pop up authorisation messages), a hacker can send repeated requests for approval via text to the user, who may relent under the attack and just authorise the hack, without realising.
Malware – This is a general term for different types of code used maliciously to scam or hack.
Ransomware – A type of malware that is a form of extortion. The scammer or hacker might say that they have accessed your hard drive and will be encrypting/releasing/denying access to your system until you pay a ransom for them to fix the issue up.
Phishing – An email or text that appears to be sent from a trusted source, is sent by a scammer to trick the receiver into entering valid credentials into a fake website, an example of this is banking phishing emails. The website and email do look authentic, but they are fake.
Pretext - A pretext is a made-up scenario developed by threat actors for the purpose of stealing a victim's personal data. During pretexting attacks, threat actors typically ask victims for certain information, stating that it is needed to confirm the victim's identity.
Spear Phishing – Spear phishing is a type of cyber attack that targets a specific individual or organisation. Unlike traditional phishing attacks that cast a wide net, spear phishing attacks are highly targeted and personalised. Attackers use information about their targets, such as their job title, interests, or personal relationships to craft convincing messages that appear to be from a trusted source. These messages often contain links or attachments that, when clicked, can infect the victim's computer with malware or steal sensitive information.
Spoofing – Spoofing is a technique used by attackers to make their messages or actions appear to come from a legitimate source. For example, an attacker may spoof an email address to make it look like the message came from a trusted sender, or they may spoof a website to trick users into entering their login credentials. Spoofing can be used in a variety of cyber attacks, such as phishing, malware distribution, and denial-of-service attacks. To protect against spoofing, it is important to verify the identity of any sender or website before taking any action.
Stealthing – When malicious code is used and hidden under a known file name, to conceal its presence.
If you have any concerns over your Cyber Security, call 02 4337 0700 or email reception@loyalit.com.au.
Tags:SecurityNetworking SecurityCyber Security |