CyberSecurityGlossaryTerms A A B C D E F G H I J K L M N O P Q R S T U V W X Y Z Adware A form of spyware that enters your computer from an Internet download Like spyware, it monitors your computer use, such as what Web sites you visit Adware gets its name from also launching numerous pop-up ads in your browser What to do: Visit the BevoWare Web site to download anti-virus and anti-spyware software Update regularly.See also: Pop-up Messages or Ads, Spyware Anti-Virus Software Anti-virus software will protect your computer from viruses encountered on the Web New viruses are born every day, so it’s important to update your anti-virus software regularly What to do: Information Technology Services (ITS) provides students, faculty and staff at the university with security software at no additional cost through the BevoWare Web site BevoWare includes Symantec anti-virus, firewall and firewall products Download, install and run security software from BevoWare on your own personal computer today Attachment A document, a picture, a video clip, program or any other kind of file that can be attached and sent with an e-mail or instant message Malicious programs, viruses or spyware are commonly spread through attachments What to do: Never open or download an IM or e-mail attachment from an unknown source or one that you are not expecting Be cautious of attachments ending in exe, com, scr, bat or pif By simply deleting a suspect attachment or message, you take another step in protecting your computer Back to top B Backdoor In a computer system, a backdoor refers to an overlooked or hidden entry into a computer system A backdoor allows a hacker or other unauthorized user to bypass a password requirement and to gain access to a computer BevoWare BevoWare is a selection of free, useful software available to all current students, faculty and staff members at The University of Texas at Austin BevoWare includes anti-virus, firewalls, Web browsers, media viewers, and lots more It is all available to download from ITS online at the BevoWare Web site BevoWare includes: Norton and Symantec Anti-Virus, Symantec Firewall, SpyBot Search & Destroy, Adobe Acrobat, Apple QuickTime, Macromedia Flash Player, and SpyWare Blaster Download, install and run security software from BevoWare on your personal computer today Back to top C Cookie A small data file that a Web site installs on your computer's hard drive to collect information about your activities on the site or to allow other capabilities on the site Web sites use cookies to identify returning visitors and profile their preferences on the site For example, many online shopping sites use cookies to monitor what items a particular shopper is buying to suggest similar items Cookies are somewhat controversial as they raise questions of privacy and can be used by hackers as spyware Back to top D Download The transfer of data from one computer (or server) to another computer Downloading can refer to documents, software programs, photo, music or movie files Often downloads can mask unwanted malicious programs What to do: When you go to download that "free" screen saver, you may also be downloading spyware or a virus Make sure you only download material from a legal, well-known source Also, since instant message and e-mail sender names can be spoofed, only download instant message or e-mail attachments that you are expecting.See also: Attachment Back to top F Firewall A security tool that protects an individual computer or even an entire network from unauthorized attempts to access your system Firewalls often protect e-mail servers from receiving spam A firewall will also scan both incoming and outgoing communications for your personal information and prevent it from leaving your computer without permission What to do: Students, faculty and staff can download, install and run the Symantec Firewall available on the BevoWare Web site at no additional cost Back to top H Hacker A hacker is someone who has the technical know-how to intentionally breach or "hack" into a computer system to steal confidential information or to cause damage to a computer or whole network Hackers are often looking to find financial or personal information in order to steal money or identities They are not nice people HTTP (Hypertext Transfer Protocol) This is the standard language that computers use to communicate with each other on the Internet Web addresses tend to start with http://www.See also: HTTPS HTTPS If a Web address begins with https, it indicates that the Web site is equipped with an additional security layer Typically, users must provide a password or other means of authentication to access the site This is often used when making payments online or accessing classified information What to do: When asked to provide personal information online, such as a credit card purchase, always look for https in the URL before you so If it's not there, the site is not secure and neither is your information Back to top I Instant Messaging (IM) Instant messaging rivals e-mail as the most popular form of online communication IM allows users to relay messages to each other in real time for a "conversation" between two or more people IM is also becoming the quickest new threat to network security Because many IM systems have been slow to add security features, hackers have found IM a useful means of spreading viruses, spyware, phishing scams, and a wide variety of worms Typically, these threats have infiltrated systems through attachments or contaminated messages What to do: • Use a strong IM password • Don’t automatically accept incoming messages or file transfers—even if you think you know the sender IM addresses can be easily forged and file transfers are commonly used to launch viruses • Don’t discuss personal or private information Often, IM programs are easily compromised allowing hackers to read your messages as if they were postcards • Watch for and download security upgrades from IM companies and BevoWare Check them often for important patches and updates Back to top M Malware This term refers to any "malicious software" created to damage or illegally access a computer or network Computer viruses, worms, spyware, and adware are all examples of malware Back to top P Personal Information Any information that can personally identify you, such as your name, address, phone numbers, your schedule, Social Security number, bank account number, credit card account numbers, family members’ names or friends’ names What to do: Treat your personal information with the utmost confidentiality on the Web Finding this information is often the goal of hackers looking to steal your identity or your money Also, don’t send personal information over e-mail or IM These are insecure methods of communication and can be read or intercepted by outside sources Remember, once you send an e-mail, you no longer control the information in it It can be forwarded to other people without your knowledge or consent Keep your personal information private Phishing Like the sport it’s named after, phishing refers to an urgent instant message or e-mail message meant to lure recipients into responding Often these messages will appear to be from a friend, a bank or other legitimate source asking for personal information such as names, passwords, Social Security numbers or credit card information These messages might also direct users to phony Web sites to trick users into providing personal information Users falling for the "bait," often have their money or identities stolen.What to do: Be suspicious of any message asking for personal or financial information If you are unsure about a message’s authenticity, never click a link within the e-mail taking you to any Web site Banks or other legitimate organizations are not likely to contact you in this manner due to the security risks of sharing sensitive material online If you think the message may be legitimate, call or contact the sender using contact information you already have, not the contact information provided in the suspicious message These types of IM or e-mail messages should be treated like spam: delete them.See also: Social Networking Sites, Spam Pop-up Messages or Ads Unsolicited advertising that "pops up" in its own browser window Adware programs can overrun a computer with pop- up ads or messages If you are receiving a huge amount of pop- ups in your online sessions, your computer may be infected with adware, spyware or a virus Back to top S Social Engineering This refers to a direct communication, either in person, by phone, by fax or over the Internet, designed to trick you into providing your personal information These messages usually ask you to "update" or "confirm" information by typing in a reply or clicking on a link Legitimate institutions, such as banks, not send e-mail or IM of this nature due to security concerns on the Internet "Phishing" is a prime example of social engineering See also: Phishing Social Networking Sites These are Web sites, such as Facebook or MySpace, where users build online profiles and share personal information, opinions, photographs, blog entries, and other media to network with other users, to find new friends or find a new job Unfortunately, social networking sites have become targets of online predators, spammers, and other dangerous forces on the Web What to do: Keep in mind that the Internet is a public resource Only post information you are comfortable with anyone seeing and we mean anyone—your parents, your grandparents, your siblings, your teachers, your employer, even potential employers It’s not uncommon for companies to run an Internet search of job applicants before they offer them a position There are several stories of people being "weeded out" from a job search due to compromising or illadvised photos and information found on the Web, usually posted by that very person! Even if you remove information, that same information may still be living on other people’s computers or networks Also, don’t post information that would make you vulnerable to a physical attack, such as your address, your schedule or where you will be meeting friends this weekend Most of all, be careful of people you meet on the Web The Internet provides people with a certain amount of anonymity The Internet makes it easy for predators to pose as something they’re not Spam Unsolicited, commercial e-mail messages that are sent out in bulk, often to millions of users in hopes that one person may actually reply Spam messages often involve Internet hoaxes and should be deleted immediately Responding to a spam message will confirm to the sender that they have reached a legitimate e-mail address and they will more than likely continue to send messages to that address What to do: Never respond to spam! Delete it.See also: Firewall, Phishing, Social Engineering, Spim Spim A new term for spam messages being sent to instant message addresses What to do: Simply ignore them Also, never respond to a message that looks like spim A response will confirm to the sender that your account is legitimate and it’s likely the messages will continue Spoofing Forging an e-mail or instant message address to make it appear as if it came from someone or somewhere other than the true source Whole Web sites can also be spoofed, tricking users into providing their passwords or other personal information, such as their credit card information Spyware Spyware refers to a software program that slips into your computer without your consent to track your online activity These programs tend to piggyback on another software program When the user downloads and installs the software, the spyware is also installed without the user's knowledge There are different forms of spyware that track different types of activity Some programs monitor what Web sites you visit, while others record key stokes to steal personal information, such as credit card numbers, bank account information or passwords What to do: Consider the reliability of the site offering the software download Be careful if a download prompts you to accept the installation of additional software Scan the fine print before downloading If you see anything that refers to monitoring browsing sessions or collecting information, consider this your "red flag" that you may be installing spyware Also, keep your systems up to date with BevoWare BevoWare includes two anti-spyware products for students, faculty and staff to download, install and run on their computers at no cost: SpyBot Search & Destroy and Spyware Blaster Visit the BevoWare Web site to download these programs and protect yourself from spyware Don’t forget to update regularly.See also: Adware Back to top T Trojan horse If you read "The Iliad" in high school, you will remember that the Trojan horse concealed an army and fooled the citizens of Troy into taking it inside its city walls Once inside the city gates, the army was let loose and brought Troy down Similarly, in computer security terms, a Trojan horse refers to a malicious program that enters a computer or system disguised or embedded within legitimate software Once installed on a computer, a Trojan horse will delete files, access your personal information, reconfigure your computer or even allow hackers to use your computer as a weapon against other computers on a network.What to do: Like most other viruses or malicious programs, Trojan horses are most commonly spread through e-mail or IM messages Never open a message attachment unless you are expecting, even from someone you know IM or e-mail addresses are easily forged and what you think is a message from your roommate could be from someone you’ve never met and would never want to meet Also, check the file extension of all attachments you receive If the attachment ends in exe, com, scr, bat, or pif, be careful These suggest a program that may start running on your machine if you click on it Also, make a habit of regularly checking the BevoWare Web site for updates and patches to your anti-virus software.See also: Pop-up Messages or Ads, Spyware Back to top V Virus A program that attaches itself to an executable file or vulnerable application and delivers a payload that ranges from annoying to extremely destructive A file virus executes when an infected file is accessed A macro virus infects the executable code embedded in Microsoft Office programs that allows users to generate macros Back to top W Worm Just as a worm burrows through an apple making it inedible, a computer worm is a program built to reproduce itself and spread across a network, rendering it ineffective A worm may be designed to complete several different malicious activities However, one common denominator is that a worm can harm a network by consuming large amounts of bandwidth, potentially shutting the network down Viruses, on the other hand, are more limited to targeting computers one-at-a-time A virus also requires other programs to execute and replicate, whereas a worm can act independently of other programs What to do:To keep a computer worm from entering your computer and network, be wary of unexpected or unknown e-mails, IMs or attachments Also, use anti-virus software on your personal computer and update it regularly.See also: Pop-up Messages or Ads, Spyware Back to top Z Zombie A computer overtaken by a hacker and used to perform malicious tasks Commonly, zombie computers are used to send large amounts of spam or host fraudulent Web sites What to do: If you believe your computer has been taken over by an outside source, first: disconnect it from the Web Then, contact theITS Help Desk.See also: Spyware, Pop-up Messages or Ads ... or more people IM is also becoming the quickest new threat to network security Because many IM systems have been slow to add security features, hackers have found IM a useful means of spreading... inside the city gates, the army was let loose and brought Troy down Similarly, in computer security terms, a Trojan horse refers to a malicious program that enters a computer or system disguised... a Web address begins with https, it indicates that the Web site is equipped with an additional security layer Typically, users must provide a password or other means of authentication to access