Cyber security terms you really need to know -

 

1.Anti-spyware Software    --
       Anti-spyware software is used in detecting, blocking and/or removing spyware attempts.

Spyware is a type of software that seeks to gather your personal information, without your permission. It has the capability to take over your computer entirely! The information it collects is then sent to a third party without your consent.
There 4 main different types of spyware:

• system monitors,
• Trojans,
• adware,
• and tracking cookies.

Spyware is mainly used for tracking a user’s movements online and serving annoying and dangerous pop-up ads.

HOW YOU CAN GET INFECTED:

Your system can get infected with spyware if you visit certain websites, by pop-up messages that ask you to download an application or program (told you they’re evil!), through security holes in the browser or in other software, etc.

Usually, spyware is well hidden and it’s also difficult to observe. You might notice a spyware infection when the virus starts using your system’s resources and slows it down in a way that will make you really, really angry.
 

2. Antivirus Software   

Antivirus software, sometimes called an anti-malware program (you can also call it AV if you want to show off), is computer software used to prevent, detect and remove malicious software.

Antivirus protects your computer from a large number of threats, such as ransom-ware, rootkits, Trojans, spyware, phishing attacks or botnets.

Without getting technical, let’s just say that the way antivirus scans for infections is not really coping with current threats. Cyber criminals are smart. Really, really smart! And their attacks are vicious, so just remember that antivirus is not enough and you need something more to keep you safe.

But that doesn’t mean you don’t need antivirus. YOU DO, trust me! But you need other stuff too and I’ll tell you more about that later on.
 

3. Cyber-Attack

A cyber-attack is classified as any type of offensive action used by cyber criminals to deploy malicious code in your system with the purpose of stealing, altering, destroying or taking any advantage from this action.

Cyber-attacks can target both people and things. ANYWHERE. ANYTIME.  Individual users, computer networks, information systems, IT infrastructure of all types and sizes – no one is safe! (And I’m not being dramatic about it.)

And smarter cyber criminals launch stronger attacks, which lead to worse consequences.
 

4. Drive-by download   

A drive-by download can refer to 2 things:

1. A download which you authorized but without understanding the consequences (example: downloads which install an unknown or counterfeit executable program, ActiveX component, or Java applet).
2. The unintentional download of a virus or malicious software (malware) onto your computer or mobile device.

HOW YOU CAN GET INFECTED:

Drive-by downloads can happen when you visit a website, when reading an email or by clicking on a deceptive pop-up window.

These type of malicious downloads usually take advantage of (or “exploit”) a browser, an app, or an operating system that is out of date and has a security flaw that has not been solved or patched.

This is why it’s crucial to constantly maintain your software updated. (No worries, I’ll nag you about this along the way.)
 

5. Exploit

An exploit is a piece of software, a chunk of data, or a set of commands that takes advantage of a bug, glitch or vulnerability in order for malicious purposes.

Exploits can cause disruptions in the behavior of computer software, hardware, or something electronic (usually computerized).

HOW YOU CAN GET INFECTED:

By using exploits, cyber criminals can gain control of your computer.

After that, they can do pretty much what they want.

One of the ways to protect yourself from exploits is to keep your software updated at all times (told you I’d nag you about this!) and take all essential security measures (which I’ll show you in this course).
 

6. Keylogging     

Keylogging (also called keystroke logging) is a method that cyber criminals use to record (or log) the keys you strike on your keyboard in order to get confidential information about you.

Of course they do this in a concealed manner, so that you won’t know you are being monitored while typing passwords, addresses and other secret data on your keyboard as usual.

HOW YOU CAN GET INFECTED:

Keyloggers are usually used with malicious intentions, to steal passwords or credit card information.

Although many anti-spyware applications can detect some software based keyloggers and quarantine, disable or cleanse them, there is no solution that can claim to be 100% effective against this type of threat.
 

7. Malver-tising  

Malver-tising (short for "malicious advertising") is the use of online advertising to spread malware.
Cyber criminals inject malicious or malware-loaded code into online advertising networks or legitimate websites, which then infect your systems through clicking, redirection or drive-by downloads.

Since online ads are managed by online advertising networks, even a legitimate website may host an infected web banner, although the website itself remains uncompromise. Some of the websites that have unknowingly hosted malver-tising are The New York Times, the London Stock Exchange, Spottily, and The Onion.

HOW YOU CAN GET INFECTED:

Cyber criminals use pop-up ads, drive-by downloads, web widgets, hidden iframes, malicious banners, and third-party applications (example: forums, help desks, customer relationship management systems, etc.) to deliver malware. This is why malvertising is so wide-spread, affecting many users without their knowledge.
 

8. Malware

Malware (short for malicious software) is one of the terms you’ll hear most often when it comes to cyber security threats. The terms defines any software used by cyber criminals to:

• disrupt computer operations,
• gather sensitive information,
• or unlawfully gain access to private computer systems.

Malware is characterized by its malicious intent, because it acts stealthily to steal your information or to spy on your computer for a long time, without your knowledge.

'Malware' is a general term used to refer to an entire category of malicious or intrusive software, including computer viruses, worms, Trojan horses, ransomware, spyware, adware, scareware, and other harmful programs.

HOW YOU CAN GET INFECTED:

Malware is usually spread through executable code, scripts, active content, and other software. The major threat is poses comes from malware being disguised as, or embedded in, non-malicious files, such as .jpeg, .mpeg, .exe, .gif, .mp3 and many, many more.

You should definitely check out this list of 50+ File Extensions That Are Potentially Dangerous on Windows to get an even better idea of how malware can sneak into your system.
 

9. Patching          

Patching is the process of updating software to a different, newer version. A patch is a small update released by a software manufacturer to fix bugs in existing programs.

A patch can relate to features and usability, but is can also include security features.

Patching is essential for your online security, because it prevents cyber criminals from launching attacks using Zero Day viruses (definition at #18).
 

10. Phishing           

Phishing is (yet) another method that cyber criminals use in order to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by posing as a trustworthy entity in emails or other means of electronic communication.

Phishing is an example of social engineering techniques (definition at #12) used to deceive users, and exploits the poor usability aspects of current web security technologies.

HOW YOU CAN GET INFECTED:

 A phishing email could seem that it legitimately comes from your bank, and could trick you into entering valid credentials on a fake website.

Phishing is done through emails, instant messaging apps or social media posts (on Facebook, Twitter, LinkedIn, etc.).
 

11. Ransomware

Ransomware is a form of malware that essentially holds a computer system captive while demanding a ransom.

This type of malware locks you out of your computer by either:

• encrypting files on the hard drive
• or locking down the system and displaying messages that extort you into paying the malware creator to remove the restrictions and regain access to their computer, usually via a key. The bad news is that the malware creator is the only one who knows the key.

HOW YOU CAN GET INFECTED:

Ransomware typically spreads like a normal computer worm (by replicating(making exact copy itself) itself in order to spread to other computers), and it could infect your system via a downloaded file or through some other vulnerability in a network service.

The chances of retrieving your data are very small, unless you’re willing to pay the ransom (which is why it’s crucial to have a back-up of your data in a secure location).

The malware creator will either supply a program which can decrypt the files, or he will send an unlock code that decrypts your data. But there is no guarantee that this will happen, even if you pay the requested ransom.
 

12. Social engineering     

Social engineering is one of the most commonly used methods of cyber hacking, which requires little to no technology. It relies on psychological manipulation to something belive the victims to perform certain actions or make known (private or sensitive ) confidential information.

HOW YOU CAN BE COMPROMISED:

In this case, cyber criminals use lies, impersonation, tricks, bribes, blackmail, and threats (just like your ex) to attack information systems. Phishing (defined at #10) is also a form of social engineering.

For example, cyber criminals may pose as contractors, exterminators, fire marshals and technicians to go unnoticed as they steal your secrets or trick you into  make known (private or sensitive ) confidential information about your company.
 

13. Spam  

We all know that spam is made of those pesky (Annoying) , unsolicited emails that clog our inboxes. But, in recent years, spam has spread to instant messaging apps, texting, blogs, forums, search engines, file sharing and social media.

HOW YOU CAN GET INFECTED:

While spam itself may not seem very dangerous, it sometimes carries malware, spreads viruses, worms and other types of threats, such as financial theft, identity theft, data and intellectual property theft, fraud, and deceptive marketing.
 

14. Trojan (Trojan horse)

A Trojan horse (commonly known as a Trojan) is a type of malware that hide itself as a normal file or program to trick you into downloading and installing malware.

A Trojan can do many dangerous things to your system, like give cyber criminals unauthorized, remote access to your infected computer.

Once that happens, cyber criminals can:

• steal data (logins, financial data, even electronic money),
• install more malware, modify files,
• monitor your activity (screen watching, keylogging, etc.),
• use the computer in botnets (a collection of Internet-connected programs communicating with other similar programs in order to spread malware),
• encrypt your files, like in the case of ransomware (defined at #11)
• crash your computer
• format your disks, destroying all the contents on your device, etc.

HOW YOU CAN GET INFECTED:

There are plenty of ways in which your system can become compromised by a Trojan:

• through email attachments
• software or music downloads
• unsafe instant messages
• peer 2 peer downloads
• routine forms that need to be filled in
• drive-by downloads, etc.

 

15. URL or web content filtering

URL or web filtering technology is software which keeps you from accessing inappropriate websites or content or that prevents you from ending up in a dangerous web location (and by dangerous I mean malware-laden).

The software’s filter checks the origin or content of a web page against a set of rules provided by company or person who has installed the URL filter. If the web page has been blacklisted or marked as infected, it will deny access to that web location, blocking a potential cyber attack.

 

16. Virus (Computer Virus)

A computer virus (shortly called virus) is a type of malware (told you it would come up often!) capable of replicating itself and spreading to other computers and data files.

Viruses spread to other computers by attaching themselves to various programs and executing code when you launch one of those infected programs.

But they’re really sneaky, so they can also spread through script files, documents, and cross-site scripting vulnerabilities in web apps (defined at #17).

Viruses are also evil, because they can be used to steal information, harm your computers, log keystrokes (keylogging – defined at #6), create botnets, spam your contacts, steal your money, display political or humorous messages on your screen (the least of your worries), and more.


HOW YOU CAN GET INFECTED:

Viruses install themselves without your permission, because cyber criminals use social engineering (defined at #12) and exploit software bugs and vulnerabilities (defined at #17) to gain access to your computing resources.

Viruses can reside in executable files (.exe or .com files), in data files (Microsoft Word documents or PDFs), or in the boot sector of your hard drive. Or in a combination of all of these.
And the worst part is that some viruses are polymorphic, which means that the virus has no parts which remain identical between infections, making it very difficult to detect directly with an antivirus solution.
 

17. Vulnerability 

A cyber security vulnerability is a weakness which allows an attacker to undermine your system's data security defenses.

A vulnerability appears at the intersection of 3 elements:

1. a system susceptibility or flaw (example: your Java software hasn’t been updated to the latest version – seems pretty innocent, right?)
2. attacker access to the flaw (example: you click on a malware-infected banner ad which delivers a download on your computer)
3. and attacker capability to exploit the flaw (example:  now the cyber criminal has a way in, through that malicious download).

A vulnerability is just a skill(an attempt to make something that is not the case appear true.) that a cyber criminal can use to launch a full scale attack on your system. He still needs the right tools for that, but they come in a large supply online and they’re cheap as well.

The way to protect yourself against vulnerabilities is to maintain your software updated at all times.
 

18. Zero-Day virus          

Now that you know what a vulnerability is, it’ll be really easy to understand what a Zero-Day virus is as well.

Zero-Day viruses appear when cyber criminals discover a flaw in a piece of software (for example, in Adobe Air). They exploit that vulnerability, launching an attack that users can’t defend themselves against, for two simple reasons:

• The flaw they exploit is attacked by launching a previously unknown computer virus or other malware
• Antivirus programs rely upon signatures to identify malware, but the signature for this new breed of malware or virus is not in their database, because it’s new and hasn’t been sampled.

That is why antivirus software is not effective against Zero-Day viruses, and that why you need additional solutions to protect you from advanced attacks such as these.

HOW YOU CAN GET INFECTED:

The usual methods described beforehand work in this case as well:

• drive-by downloads
• malvertising
• spam
• through email attachments
• software or music downloads
• unsafe instant messages
• peer 2 peer downloads
• routine forms that need to be filled in, etc.

The difference is that, once you get infected, there’s very little you’ll be able to do to stop the infection and mitigate its effects.
 

Internet Security Myths That You Need To Forget

 

1. This can’t happen to me, only important or rich people are targeted.

This security myth is called by many security experts security through obscurity.

Simply said, the Internet is such a big place that no one wants to target you. And even if someone would try to attack your system, there wouldn’t be too much valuable data to be stolen.

In most cases, the user who embraces this kind of thinking doesn’t actually want to lose time or money to address this security issue for the system.

The problem with this type of wishful thinking is that it doesn’t take long until an IT criminal disables your system by using one of your system’s vulnerabilities.

This happens because it is not about how you are, it’s only about your system protection level.

Using automated tools, online criminals probe systems to discover vulnerable computers and networks to take advantage of.

And it’s not just about your personal information they are after, your Internet-connected system is also a valuable asset they can use for their malicious actions.

Even if you think there is no important personal or financial data on the system, a potential identity theft or IT criminal can still use the little data discovered and relate it to other information taken from other sources in order to have a complete picture.

Why take a risk when there are so many protection products and even free tools to keep you safe from malware?

So, don’t trust the odds that tell you that you should be safe out there.

2. Install this security application and you’ll be fine.

This security myth is also called the search for the magic bullet that can solve all your system security.

A user that pays for a security program has high expectations and hopes all his system security to be covered by just installing the purchased program. This myth represents a false image of what it means to have a complete system security.

Trusting one security program to cover your system, your online actions, keep you safe against data and financial stealing malware and other non-traditional attack vectors means that you place too much trust in a single line of defense.

To have an antivirus software or any other security program doesn’t mean to cover the whole Internet security front, though there are some antivirus products that try to create the impression that everything is protected by just installing that single program.

To have complete protection of your system and your online actions, you should start by using an antivirus program that protects you against classical threats, such as viruses, worms, Trojans or phishing. At the same time, you also need solutions against spam, data and financial stealing malware, a parental control tool and a good firewall.

More than anything, you need to stay up to date with security and the latest news and reject false stories that promise total protection by installing a single security program.

Because cyber criminal attacks are evolving faster than antivirus can, next-generation anti-hacking tools have emerged!!!!

3. I don’t need security programs because I don’t access unsafe locations.

I’m sure you heard about this one and you have those friends that believe simple common sense is all that is necessary to keep you safe from malware, viruses, spam, phishing, identity theft, online attacks, etc.

How many times have you heard someone saying: I don’t need antivirus protection, I’m too smart to fall for those tricks!

And if it’s about e-mail attachments, risky web locations or pop-up ads, that may be correct.

But is that all?
What about malware attacks and vulnerability checks that are not easy to detect?
Or about malicious code hidden in legitimate websites?   

To be safe online is quite similar to driving your car.

You may have common sense and pay attention to potential dangers, but can you always predict what others are doing around you in traffic?

Now, you understand why security is important.

4. I set some strong and complex passwords to my accounts, so I’ll be OK.

It is a common recommendation for every user to set a strong password. Your passwords should have 10 or 20 characters and they must contain various letters and numbers. Making the password long and complicated is supposed to create serious difficulties for someone that tries to break it.

These complex passwords that are set nevertheless present a major inconvenience: they are quite difficult to remember and you are forced to write them down in the PC or on some piece of paper, which increases the risk of unauthorized access to the account or to the operating system. At the same time, users have a tendency to dislike such a strong password implementation and start to perceive this as a burden.

Normally, most Internet users set quite easy to remember passwords to their accounts or they use passwords which are easy to guess.

Therefore, most passwords and credentials, which are even used for online banking locations, are actually sniffed and not so much cracked. Another well-known fact is that users set the same password for different online accounts, which makes the job much easier for an online criminal.

The need for a good password is part of a larger security scheme that includes security programs for classical and non-traditional vector attacks, spam detection and phishing attempts.

But fancy words won’t keep you safe.

5. Internet security is expensive.

I’m sure you spend some time online, running various activities, sending messages to friends on social media accounts, purchase various items on different websites, not to mention accessing your banking account to send and receive money.

So, is Internet access just a simple way of wasting time and having fun, or is it an integral part of our lives?

How difficult is it for an IT criminal to use information from our Facebook account and correlate it with data obtained from malicious software already installed on our system in order to have a complete image of your life?

And, from that point, how long until your identity is stolen and used for malicious purposes?

I am sure you heard about cases when someone’s online identity has been stolen and money removed from the banking account. What you don’t hear is that recovering from this online attack takes time, even years and since an attack can occur from any part of the world, the perpetrators are rarely brought to justice.

With this information in mind, should you still take a chance online?

It is true you could install free antivirus on your system and there are many options online, but from my experience I recommend using a good security product from a big company name.

To choose the best solution, access the antivirus test results run by established names in the security industry, such as AV Comparatives, PC Magazine, AV-TEST or Virus Bulletin and select the best security solution for your system.

6. I only open e-mails from my friends, so I should be fine.

How many of us already received a strange e-mail from a friend or from a relative?

How difficult is it to spoof an e-mail in order to display anyone’s name as being the sender?

If you are used to these types of tricks, you may be safe from clicking the links contained in the e-mail or download on your system the attachments of the e-mail.

But for someone who is less skilled in Internet security, just one click away from malicious software can get them infected.

Clicking a link may send the user to a malicious website controlled by online criminals and downloading the content of the e-mail may easily install on the system some dangerous financial stealing malware, which remains hidden stealing banking credentials for cyber-criminals.

These types of e-mails may also appear like coming from financial institutions and they can look real enough to trick you into giving away private information from your online account.

In this case, if you have doubts about the origin of the e-mail, simply contact directly the institution or your friend and ask if they sent that particular e-mail.

7. I download and access information from trusted sources. This keeps me safe.

This is a pretty difficult security myth to break. Most of us think that accessing safe and secure locations will keep us safe.

The reality is quite different. Even if you access a trusted source, you are still vulnerable to online dangers, and I’m not referring just to old viruses, worms or other normal malware.

In this particular case, I’m talking about a much greater danger: malicious software developed by cyber-criminals that target our private data and financial credentials, and which is designed to remain hidden from classical antivirus detection.

This type of malware usually spreads through e-mails that apparently come from a secure financial institution (or from a friend), through drive-by downloads, malicious content placed on secure websites that download on your system, or simply through pop-up ads placed by online criminals on those websites that are considered safe to access.

To stay safe from this danger, you need an especially designed software to protect you against financial theft and data stealing software. This type of software offers a complementary layer of security which the normal antivirus products cannot provide. Don’t worry, I’ll tell you all about it when time comes.

8. My social networks are safe places. Friends will be friends.

But will they? Social media services, such as Facebook or Twitter, brought so many people online in the last years that it is difficult to find someone who doesn’t have at least a single online account, at least LinkedIn (which is focused mainly on jobs, but has recently started to develop into a more interactive network).

And since so many people are connected this way, online criminals have already developed tricks and methods that target these networks, especially with online scams and identity theft attempts.
If online criminals can place malicious content like drive-by downloads and pop-up ads on safe websites, they can do the same with social media accounts.

Who doesn’t have that friend in the list that clicked an offer on a fake page spreading it after to the entire list of friends?

Another danger found on these types of social media accounts is posed by online criminals that create fake profiles and personas to retrieve personal information from other users.

By collecting information (that doesn’t seem very important initially) and connecting it to other data retrieved from other locations, the IT criminals can track online habits and build a user persona in order to operate the identity theft of the targeted user.

Therefore, be careful who you add to your list of friends.

9. I don’t have important information or sensitive data on my system. Why should I worry?

First of all, are you sure there is nothing valuable on your system?

Did you let your browser remember all your passwords for your online accounts, banking websites and your e-mail address?

How much damage can you take if your e-mail account is accessed?

You may think that your data is not important for a cyber-criminal, but you should know they can collect and assemble information about you from other sources as well to have a big picture of your online habits. Later on, they can use the information to steal your online identity and use it against you.

And even when there is no important data for a potential criminal on your system, they still can use your device for various purposes.

They can use your system’s hard disk to store illegal content, install a bot to use your computer in a coordinated online attack, host phishing content or share criminal materials. At the same time, they can use your system’s resources, such as your Internet connection to access remote websites or your e-mail address to send spam to your list of friends.

Are you worried now?

10. In case I get infected, I will see that for sure.

Well, don’t be so sure about this.

In the past, when a computer started running slow and pop-ups appeared all over the screen, maybe you could tell. But today, cyber-criminal methods have evolved and increased their efficiency that in most cases, a normal user can’t tell his system is involved in spam campaigns or coordinated online attacks.

The malicious software is built to be undetectable and untraceable by antivirus products, retrieving private information without you even noticing. Designed to evade normal detection systems and working in the background, the latest data stealing malware retrieves private data like credit card details and account logins without leaving visual evidence.

here in the following article i will show you, top 11 scams used by online criminal to trick you--
For a complete list on online scams, you can take a look on this article.