| 419 Scam: This is the generic name for what is known as
the Nigerian email scam. This
covers all the permutations (countries) from which the same sort
of email may seem to originate (e.g. Belize, Kuwait, Zambia, etc). The
email typically offers you part of a large fortune if you
help the sender “remove” the fortune from their country. |
| 809 Scam: This email scam is actually a phone scam,
in which a message (usually an email) tries to get you to call
the “toll-free” 809 number. The problem is that
the 809 area code is actually not toll-free. In fact the
caller is billed at up to $25 per minute when they call and stay
on hold waiting to speak to a person who never answers. |
| Attack: Intentional act of attempting to bypass one or more
computer security controls. |
| Authenticate: To verify the identity of a user, user device,
or other entity, or the integrity of data stored, transmitted, or
otherwise exposed to unauthorized modification in an information
system, or to establish the validity of a transmission. |
| Authentication: Security measure designed to establish the
validity of a transmission, message, or originator, or a means of
verifying an individual’s authorization to receive specific
categories of information. |
| Denial of Service (DoS): A means of attack against a computer,
server or network; the result of the attack is to disable or shut down
the system or network. |
| Dictionary attack: An attack that uses a brute-force technique
of successively trying all the words in some large, exhaustive list
for the purpose of finding good email addresses for a given domain. |
| Distributed Denial of Service (DDoS): An attack that uses
a "community network" to initiate a "denial of service". DDoS
programs receive instruction from a controller program in order to
carry out an attack - the attack itself is designed to disable or
shut down the target of the attack. |
| DNS: Domain Name System. The primary purpose
of the DNS is to allow us to locate a web site by using its domain
name rather than its IP address. For example, when you
type in "http://www.mailfrontier.com," the computer doesn't
immediately know that it should look for MailFrontier's Web site.
Instead, it sends a request to the nearest DNS server, which finds
the correct IP address. |
| DNS Spoofing: Assuming the DNS name of another system by
either corrupting the name service cache of a victim system, or by
compromising a domain name server for a valid domain. |
| Emoticon: These are the little text-based faces and
objects that you often see in e-mail and online chat, for example
:-) |
| Firewall: A computer firewall is used to protect a
networked server or client machine from damage by unauthorized users.
The firewall can be either hardware or software-based. |
| Gateway: A gateway is either hardware or software
that acts as a bridge between two networks so that data can be transferred
between a number of computers. |
| HTTP: "HyperText Transfer Protocol." This is the
protocol used to transfer data over the World Wide Web. |
| In-the-Wild: A virus that is in circulation. Currently about
250 viruses exist in the wild. |
| Malware (Malicious Software): Programs, such as viruses, worms,
and trojans, that are intentionally designed to perform some
unauthorized (and often harmful or undesirable) act. |
| MIME: Multipurpose Internet Mail Extensions. The standard
for defining the types of files attached to standard Internet mail
messages. The MIME standard is also used in many situations where
one computer program needs to communicate with another program about
what kind of file is being sent. |
| Phishing: From a business point of view the term has its
roots in the fact that Internet scammers use lures to "fish" for
users' computer-related information (account names, passwords, etc)
in an attempt to gain access to a company’s information systems. |
| Port: An Internet port is a number that indicates what kind
of protocol a server on the Internet is using. For example, Web servers
typically listen on port 80. Web browsers use this port by default
when accessing Web pages. FTP uses port 21, e-mail uses port 25,
etc. |
| Probe: An attempt to gather information about an information
system for the apparent purpose of circumventing its security controls. |
| Proxy: Software agent that performs a function or operation
on behalf of another application or system while hiding the details
involved. |
| Real-time Black List (RBL): A list of IP addresses
which are known or suspected sources of spam email. There are
hundreds of different lists, each having slightly different criteria
for getting on and getting off the respective list. The lists
can range in makeup from containing IPs for dial-up lines to open
relays to “known” spammer IPs. |
| Spam: To indiscriminately send unsolicited, unwanted,
irrelevant, or inappropriate messages, especially commercial advertising
in mass quantities. Noun: electronic "junk mail". |
| Spoofing: Unauthorized use of legitimate identification
and authentication data, however it was obtained, to mimic a subject
different from the attacker. Impersonating, masquerading, piggybacking,
and mimicking are forms of spoofing. |
| Threat: Any circumstance or event with the potential to
adversely impact an information system through unauthorized access,
destruction, disclosure, modification of data, and/or denial of service. |
| Trojan Horse: A program that either pretends to have, or
is described as having, a set of useful or desirable features, but
actually contains a damaging payload. Most frequently, the usage
is shortened to "Trojan". Trojan Horses are not technically
viruses, since they do not replicate. |
| Virus: Self-replicating, malicious code that attaches itself
to an application program or other executable system component and
leaves no obvious signs of its presence. |
| Vulnerability: Weakness in an information system, system
security procedures, internal controls, or implementation that could
be exploited. |
| Worm: Independent program that replicates from machine to
machine across network connections, often clogging networks and information
systems as it spreads. |