While some computer security terms have become rather commonplace in our society, others remain a bit mysterious to those encountering them for the first time. Here are some basic Internet and cybersecurity terms that may help you as you increase your knowledge in this challenging field.

  • Adware. Software that automatically displays or downloads advertising material (often unwanted) when a user is online.
  • Antivirus Software. Most Internet users are well aware of these computer programs since nearly every computer sold today provides at least short-term access to this type of software. In a nutshell, these programs protect your computer from Internet viruses or codes that can quickly infect and/or disable your computer (or an entire network). When functioning properly with all necessary updates, this software will constantly monitor your computer to prevent known viruses from “infecting” it.
  • Attacks. A perpetrator stages intentional active and passive attacks while trying to bypass computer security controls. During an active attack, the attacker tries to alter a computer system’s data, resources or operations. However, a passive attack simply involves trying to access, use or compromise a computer system’s information – without trying to alter its resources, operations or data.
  • Back Door. Sometimes used interchangeably with the term “trap door,” a back door is created by a software, hardware or malware designer to allow themselves (or privileged others) unauthorized access to your computer by circumventing computer security.
  • Blended Threats. Hackers or cyber terrorists who approach computer networks using blended threats are trying to maximize the damage they can inflict by using different traits of both viruses and worms.
  • Bots. A person attacks your computer with a bot – or remote control agent – by bypassing your firewall and antivirus software. Once the bot is installed on your computer, it then becomes part of a bot network (botnet) that the hacker or bot owner/bot herder can manipulate and use at will. Bots can install various types of spyware (or malicious logic) on your computer, allowing the bot owner to take it over whenever it’s connected to the Internet. Some people use the term “zombie” interchangeably with the term “bot.”
  • Cybersecurity. The activity or process, ability or capability, or state whereby information and communication systems, and the information contained therein, are protected from and/or defended against damage, unauthorized use or modification, or exploitation.
  • Encryption. The process of translating plaintext into cipher text. Unencrypted data is called plaintext (understandable and readable in its original form), while encrypted data is referred to as cipher text (the plaintext intentionally made unreadable and not understandable) and cannot be read without a special conversion key (decryption) that returns it to its original plaintext.
  • Firewall. A hardware/software device or a software program that limits network traffic according to a set of rules of what access is and is not allowed or authorized.
  • Gateway. This is simply a bridge between two computer networks.
  • Hacker. An unauthorized user who seeks to maliciously disrupt, compromise, or permanently damage an individual computer – or entire network of computers.
  • Internet. A massive network of networks, a networking infrastructure. It connects millions of computers together globally, forming a network in which any computer can communicate with any other computer as long as they are both connected to the Internet. Information that travels over the Internet does so via a variety of languages known as protocols.
  • Intranet. A network based on TCP/IP protocols (an internal internet) belonging to an organization, usually a corporation, accessible only to the organization’s members, employees, or others with authorization. A special firewall is designed to protect an intranet website from outsiders who are unauthorized to use it.
  • Keylogger. This type of harmful or malicious program is used to infiltrate your computer to record and compromise all of your computer keyboard keystroke activities, including all Internet browsing activities, banking logon credentials, e-mail usage and instant messaging communications, by sending these keystrokes back to the attacker.
  • Malicious Code. This refers to any type of unwanted software that’s installed in your computer (system) and can perform unauthorized activities. Malware is a similar term that refers to malicious software created to damage, disrupt or even possibly destroy a computer (system) with viruses, Trojan horses and other harmful programs.
  • Malvertising. Malicious online advertising that contains malware — software intended to damage or disable computers.
  • Man-in-the-Middle Attack. When a fraudster secretly intercepts and possibly alters messages between two parties who believe they are securely communicating with each other.
  • Phishing. These Internet scam programs often contact unsuspecting people via e-mail, urging them to visit fake websites designed to look like those run by well-known banks or other reputable institutions. Perpetrators then try to steal private information by telling users it’s time to update their account passwords or usernames. If unwitting people comply, all types of fraud, including identity theft, may result. Phishing is also a vector of attack for installing malware on your computer when you click on an embedded link or open an email attachment.
  • Ransomware. A malicious program that restricts or disables a person's computer, hijacks and encrypts files, and then demands a fee to restore the computer's functionality.
  • Scareware. A program that displays on-screen warnings of nonexistent infections on a person's computer or smartphone to trick a person into installing malware or buying fake antivirus protection.
  • Skimming. The capture of information from the magnetic stripe on credit and debit cards by "skimmer" devices that are secretly installed on card-reading systems at gas pumps, ATMs and store checkout counters.
  • SMiShing. Phishing attempts that go to a person's mobile devices via text message, telling them to call a toll-free number. Named for SMS (short message service) technology.
  • Spoofing. Any situation in which a scammer masquerades as a specific person, business or agency, but typically meaning the manipulation of a person's telephone caller ID to display a false name or number.
  • Spyware. This type of malicious software is installed on a network of computers without the owner’s knowledge. Its main purpose is to gather personal/group information and communicate it to an attacker’s unknown third party. Spyware can monitor your activities and even pick up critical information like credit card numbers, usernames and passwords.
  • Trojan Horse. (An example of Malicious Code) This type of harmful computer program can be easily installed on your computer while you’re downloading programs or files off the Internet (or simply opening up unfamiliar email attachments). A Trojan horse will nearly always damage your computer in some way, and is often impossible to detect before downloading.
  • Virus. (An example of Malicious Code) A computer virus is harmful “software” that attaches itself to computer files in order to impair or destroy a computer’s ability to function normally.
  • Vishing. Short for "voice phishing," the use of recorded phone messages intended to trick a person into revealing sensitive information for identity theft.
  • World Wide Web. Also known simply as the Web, it is a way of accessing information over the medium of the Internet. It is an information-sharing model that is built on top of the Internet. The Web uses the HTTP protocol to transmit data, allowing applications to communicate in order to exchange business logic and use the Web to share information. Web documents, called Web pages, are linked to each other and contain graphics, sounds, text and video.
  • Worm. (An example of Malicious Code) This is a malware program that replicates (reproduces) itself from machine to machine across network connections, often clogging networks and information systems as it spreads.
To learn more terms, view the Department of Homeland Security’s online glossary.