Glossary of Attacks and Incidents
There are many types of attacks and incidents used by cyber criminals to attack you and your business. The purpose of this section is to provide you with a summary of the methods used by the criminals.
Attacks A - J
Advance-Fee Fraud: A type of scam in which a cybercriminal persuades a potential victim to help transfer a substantial amount of money to an account. The victim is offered a commission for facilitating the transaction or multiple transactions. The Nigerian scam, also called the 419 scam, is a prime example of advance-fee fraud.
Bogus Redirection: A process that captures traffic addressed to a legitimate website and sends (redirects) it to a different website instead. Some malware does automatic redirection to fool users into thinking they’re interacting with a valid and legitimate site rather than a malicious one.
Botnet: A network of remotely controlled computers, usually meant for malicious purposes.
CEO Fraud: Criminals target specific organizations and seek to directly infect the computer of the CEO (or other high-level manager). Once malware has been slipped onto their victim’s computer, the criminals observe the habits and styles of that CEO, building up a profile of how he or she operates, writes, sounds and acts. After weeks or even months, often when the manager has gone on vacation or a business trip, they send out emails and letters written exactly in the style of the CEO. For example, the CFO might receive an email, seemingly from the CEO, ordering a million dollars to be transferred or paid. Since the order appears to be valid, the CFO probably will perform the fraudulent transfer and no one will be the wiser until the CEO returns.
Denial of Service (DoS) Attack: Overloading a computer with so much traffic or requests that communications to and from that computer are disrupted. Attackers often launch DoS attacks against web servers, preventing anyone else from accessing the associated websites.
Distributed Denial of Service (DDoS) Attack: An extension of a DoS attack in which several systems are used to deploy an attack. Using many systems for a DDoS attack can ensure that communications are completely denied rather than disrupted to a lesser extent.
Drive-by Download: A transfer of software from a web server to an unsuspecting user’s computer. It occurs in the background, with no notification, when a user visits a particular web page. A user need only access the web page to be subject to the download. Such downloads usually include malware when some kind of scam or attack is under way.
Attacks K - P
Keylogger: Malware that records every keypress a user makes on his or her machine into a special file called a keystroke log.
Malware: Any software that’s installed on a computer with the intention of executing malicious code and/or causing damage. Typically, the software installs without the owner’s permission.
Man-in-the-Middle Attack: An attack in which data sent and received between two parties in an ongoing connection is intercepted. The attacker can record, read, or even alter the contents of that traffic.
Money Mule: A person recruited by a criminal or criminal organization to quickly receive and turn around funds involved in scams. The scams are often related to ACH, credit card, or similar online transactions. The money mule is often unaware of his or her actual role.
Nigerian scam: A fraud often perpetrated via email in which a scamster promises financial gain in return for funds advanced. The scam began in the 1980s, at the decline of a once oil-based Nigerian economy. Dozens of variations now exist throughout different countries. Also called the 419 scam.
Phishing: Email fraud that uses various techniques to persuade someone to divulge sensitive or confidential information, such as credit card or bank information. Phishing is a kind of social engineering attack.
Phreaking: A form of fraud that involves directly hacking telecommunications systems.
Attacks R - S
Ransomware: Malware which holds a computer hostage by blocking access and/or encrypting files until a ransom is paid.
Rogueware: Spyware or other malware that often masquerades as antivirus software. Users respond to bogus virus discovery pop-up ads or repair offers to help them get rid of viruses they don’t really have. Instead, malware is installed on their machines.
Session Hijacking: An attack method that captures the attributes of a website session from one of the parties involved (usually on the client or user end). It then takes over (hijacks) the session from the legitimate user. The attacker keeps the session going and impersonates the user.
Smishing: Phishing conducted via Short Message Service (SMS), a telephone-based text messaging service. A smishing text, for example, attempts to entice a victim into revealing personal information.
Sniffer: A network tool that captures data transmitted across a cable or wireless connection and lets the user analyze the data to determine its payload. Also referred to as a packet analyzer or protocol analyzer.
Social Engineering: The act of tricking people into divulging information that they shouldn’t share with an unauthorized third party. Also, the act of gaining sensitive information by deception.
Spear Phishing: A type of phishing attack that aims to collect information about a specific organization or company. Spear phishing messages may appear to originate from a large or well-known company or website, a coworker, or an internal manager.
Spoofing: Forging an email header so that the message appears to have originated from someone other than the actual source.
Attacks T - Z
Tabnabbing: Using browser tabs to impersonate legitimate websites and create fake login pages that trick victims into revealing private information. Tabnabbing works when you have two or more tabs open in a web browser. When a tab is left unattended for several minutes, a tabnabber can redirect the site in the unattended tab to a different, malicious login site.
Tailgating: A method used by social engineers to gain access to a building or other protected area. A tailgater waits for an authorized user to open and pass through a secure entry and then follows right behind.
Trojan (or Trojan horse): Malware that sends information from a victim’s computer to a remote computer, usually across the Internet, for malicious purposes. Used with a keystroke logger, the Trojan sends the keylog to cyber-thieves who comb the log for sensitive user information.
Typosquatting: Purchasing a web domain that is a character or two different from a legitimate and well-known social or company website. When a person mistypes the web address, a website appears that looks very much like the intended site. Typosquatting is usually done for fraudulent purposes. Also called URL hijacking.
Vishing: A phishing attack conducted by telephone, usually targeting voice over IP (VoIP) users, such as Skype users.
Voicemail Overloading: Spamming over Internet telephony. Much like getting spam email, a voice over Internet Protocol (VoIP) user can get junk voicemails. Spammers simply send a voicemail message to thousands of IP addresses at a time.
Whaling: Phishing attacks that target high-ranking executives at major organizations or other highly visible public figures.
Zombie: Compromised computers that form a botnet.
Source of Information
Information taken from the KnowBe4 website, “The Cyber-Heist e-book”.