Glossary of Security TermscybercriminalAn individual who commits a crime thru the use of a computer or the internet with the intention of stealing personal information (identity theft) or disrupting of computer operations.encryptionTransformation of data into a form that conceals the data's original meaning to prevent it from being known or used.firewallSecurity software that blocks unauthorized entities from gaining access to your computing environment.hackerA individual who attempts to gain unauthorized access to proprietary or secured computer systems and data.identity theftIdentity theft is any kind of fraud that results in the loss of personal data, such as passwords, user names, banking information, or credit card numbers.keyloggerA keylogger monitors what is being typed at keyboards and what mouse movements or clicks are being generated. Keyloggers come in hardware and software versions. A fraudster can go through the logs looking for account credentials and answers to challenge questions. Sophisticated software key loggers can also capture what is displayed on the screen.malwareShort for malicious software, it is any kind of unwanted software that is installed without your consent. Viruses, worms, and Trojan horses are examples of malicious software that are often grouped together and referred to as malware.phishingA type of online identity theft which uses email and fraudulent websites that are designed to steal your personal data or information.smishingA form of fraud similar to phishing that uses text messages to lure consumers into divulging important information. The text message often requires the consumers immediate attention, the contact info in the text will contain an URL or phone number. The phone number often has an automated voice response system, which requests personal or account information prior to connecting you to an operator.social engineeringA non-technical or low-technology means - such as lies, impersonation, tricks, bribes, blackmail, and threats - used to trick victims into providing sensitive personal information that can be used to access online accounts or steal their identity.spamBulk unsolicited email. Malware authors may use spam to distribute malware, either by attaching the malware to the message, or by sending a message containing a link to the malware.spear phishingA spear phishing attack has the same goal as a phishing attempt, only the scams are more targeted toward groups of people with something in common – they all bank at the same institution or work for the same organization. The messages appear to be sent from a trusted source and have a level of detail that makes the email more convincing, which is why spear phishing has a high success rate.spywareSpyware is a general term used to describe software that performs certain actions, often without the consent of the user. Spyware can gather information about a users Internet browsing habits, change computer settings, or collect personal data, transmitting this information to a third party.trojanA malicious program that is unable to spread of its own accord. Historically, the term has been used to refer to programs that appear legitimate and useful, but perform malicious and illicit activity on an affected computer.virusHidden, self-replicating malicious software that propagates by infecting another program. Viruses are designed to spread from one computer to another and to interfere with computer operations.vishingAn attempt to obtain financial or other confidential information from people through phone calls, typically automated, that seem to be from a legitimate organization. The information gathered may be used to access the victim’s accounts or impersonate them in order to open new lines of credit.wormMalicious program that replicates itself in order to spread to other computers, on a network, and may consume computer resources destructively. Unlike a virus, it does not attach itself to an existing program.