Spim? Spam? Spit? Stop feeling overwhelmed by Internet security jargon. Use this handy glossary to figure out what’s what!
Adware, or advertising-supported software, displays advertisements on your computer in the form of banners and pop-up windows. These ads are a way for software companies to generate revenue. Some adware runs on your machine without your knowledge and consent, while others are intentionally downloaded. While adware is more of a pesky nuisance than a harmful threat to your cybersecurity, some adware might collect information about your browsing behaviour and sell it to third parties.
Asymmetric encryption, or public-key cryptography, is an encryption method that requires two keys to access a server: a public key for encryption, and a matching private key for decryption.
Anti-virus software, otherwise known as anti-malware software, scans your computer or mobile device to detect and restrict the spread of malware on your machine. Since malware is constantly evolving, anti-virus software cannot always detect it, so your machine is always at risk of infection. Anti-virus software is also deployed at an administrative level; many email servers use it to scan emails.
A backup is an extra copy of the files on your computer or mobile device. It is typically stored in a separate location from the original files, such as on another drive or in the cloud. If anything happens to your files — if they go missing or get destroyed — then you will be very thankful you have a backup!
A backdoor opens a “backdoor” to your computer or mobile device through which hackers and other malicious individuals can connect to your machine and infect it with malware and spam.
A blended threat is a combination of two or more “traditional” malware rolled into one truly pesky package. An example might be a combo of a Trojan horse, a keylogger, and a worm. Fighting off a blended threat requires a blend of security tools and protection layers.
A blog, short for “web log”, is a website where users publish content (known as posts) on a regular basis. Blog posts are typically displayed in reverse-chronological order, meaning that the newest content appears first. Check out the ExpressVPN blog here.
Bluetooth or IEEE 802.15.1
Bluetooth is a wireless technology standard for data exchange over short distances. Bluetooth enables short-range wireless communication between keyboards, mice, telephones, headsets, tablets, and other devices.
Bot or web bot
A bot (from the word “robot”) is a software program that performs automated tasks on the Internet. While bots have certain legitimate uses, like crawling and indexing the Web to make search engines more efficient, they can also be used for malicious purposes. Evil bots can take over computers, deploy malware attacks, and compromise user data.
Botnet or zombie armies
A botnet (also known as zombie army) is a cluster of computers whose systems have been seized and compromised by an individual with malicious intent. The individual uses these machines to carry out acts of cyber malice, like sending spam and launching denial-of-service attacks.
A browser hijacker changes your browser’s settings without your permission by replacing your homepage, search page, and error page with pages of their own. A browser hijacker redirects your Internet activity in order to collect advertising revenue from you, as well as your personal and browsing data.
A certificate authority is a trusted third-party entity that issues digital certificates. A digital certificate verifies that a public key belongs to the individual whose digital signature is on that certificate.
A chat room is an area on the Internet where individuals can communicate with one another in real time. Chat rooms are separated by topic. Many chat rooms are monitored by moderators, who ensure that users behave according to that chat room’s code of conduct. Since chat rooms allow users to participate anonymously, they can be frequented by predators, who disguise themselves to prey on vulnerable children and teenagers.
A cookie is a little piece of data stored in your web browser. When you visit a website, it sends a cookie to your computer to remember your surfing behavior, like what buttons you click and what items you add to your shopping cart, as well as your log-in information. Cookies are not software and cannot destroy your computer or mobile device, but they can track your browsing activity.
Defragment or defragging
Defragging, or the defragment of your computer, is the process whereby information and files stored on your hard drive are reorganized into a more logical order. The actual defragment process can slow your computer down, but once it’s complete, your hard drive should be considerably quicker.
DHCP stands for Dynamic Host Configuration Protocol. It is a network protocol that enables a server to automatically assign an IP address to a computer from a defined range of numbers configured for a given network. DHCP assigns an IP address when a system with the DHCP client is started.
A digital certificate or identity key is normally issued by a web certificate authority and contains the sender’s public key verifying that the certificate is authentic and that the website in question is legitimate.
A digital signature is normally used in public key cryptography and validates the legitimacy of encrypted data. A digital signature is required to authenticate both the sender of the digital certificate and the authenticity of the certificate.
Domain spoofing or Domain hijacking
When a domain is hijacked or spoofed, it redirects users to an external website which can infect their computer or device with malicious programs.
A drive-by download is a download that a person either unwittingly downloads or downloads without understanding the consequences of downloading the file from a website, email, or pop-up window.
DNS stands for Domain Name System. It syncs up web domain names (e.g. www.expressvpn.com) with IP addresses (e.g. 172.16.254.1), enabling users to use domain names to access IP addresses without needing to remember the IP addresses.
DoS stands for Denial of Service. It’s a type of attack in which a website or network is overwhelmed with automated server requests, causing a shutdown of service to legitimate visitors.
An exploit refers to code that takes advantage of a known software vulnerability to gain unauthorized access to a system.
File compression or data compression
To compress a file means to make it smaller by converting its data into a different format. Usually, it is put into an archive format such as .zip, .tar, or .jar. See also image compression.
A firewall is a security system that regulates traffic into and out of a network. It can be used to block unauthorized entry from outsiders or to block insiders from accessing unauthorized content.
FTP stands for File Transfer Protocol, a set of rules for transferring files on the Internet. Some web browsers have a built-in FTP client, but there are also separate apps dedicated to FTP.
GIF stands for Graphics Interchange Format, a bitmap image format. Limited to 256 colors, they are inconvenient for high-quality photos, but due to their support for animation GIFs have become a popular format for short, silent, looping videos on the Internet.
The term hacker is commonly used pejoratively to describe a malicious person who gains unauthorized access to computer systems with criminal intent, but is also used positively by the coding community as a term of respect for any highly skilled programmer.
HTML stands for HyperText Markup Language, the standard language for web pages on the Internet. HTML is not a programming language like C++ or Python, but a markup language, meaning it defines the way text and other media is read by a web browser, i.e. which text is bold, which text is a heading, which text or which image is a hyperlink, and much more.
Tags are the elements of code that mark up text in an HTML file to be interpreted by the web browser into a web page. Examples include <p> for paragraphs, <h1> for headings, and <img> for images.
HTTP stands for HyperText Transfer Protocol, the set of rules that determine how web browsers and servers communicate with each other on the Internet.
HTTPS is the secure version of HTTP. If a URL contains “https” instead of “http”, it means that website uses encryption and/or authentication methods to secure its connection.
A hyperlink (or just link) is a piece of text or image on a website that connects (or links) you to another page or file on the Internet. Hyperlinks are conventionally distinguished from their context with an underline and/or a different color.
IM stands for Instant Message, a message sent over the Internet via any number of real-time chat applications.
Image compression is the process of converting a raw image file (usually a photo) to a smaller format. JPEG and GIF are two such formats. See also file compression.
The internet is the global, publicly available network of smaller networks and computers within it. Not to be confused with the World Wide Web, which refers to the information space of pages and other content transferred over that network.
An IP (or Internet Protocol) address is the numerical identifier for a computer on the Internet. IP addresses are generally written as a string of digits punctuated by dots or colons as in 172.16.254.1 (IPv4), and 2001:db8:0:1234:0:567:8:1 (IPv6). IP addresses are often linked to geographic areas, allowing a website to identify the country and/or city from which a user is accessing the site.
JPEG, which stands for Joint Photographic Experts Group, is an image file format popular on the Internet for its ability to retain photo quality under compression. JPEGs are indicated by the file extensions .jpeg or .jpg.
A keylogger is a piece of software that records a user’s keystrokes on a keyboard. Sometimes this is used for technical support, but other times it is used maliciously, without the knowledge of the user, to collect passwords and other personal data.
MP3, or Mpeg audio layer 3, is a popular compressed file format for audio recordings. MP3s are indicated by the file extension .mp3.
Malware is malicious software, often installed and run without a user’s knowledge. Examples include keyloggers, viruses, exploits, adware, and spyware.
Also called two-way authentication, mutual authentication is when both sides of a transaction authenticate each other simultaneously. Online, this is often used to prevent fraud by requiring both the user’s web browser and a web site’s server to prove their identities to each other.
In the context of computing, a network is a group of devices that communicate with each other, whether by physical cables or wirelessly. Networks range in scale from the connection between your computer and a wireless router, to the Internet itself.
A patch is a software update targeted to fix one or more vulnerabilities. Good software developers are constantly testing their code and issuing new patches to users. See also vulnerability.
Phishing is the attempt to acquire personal information (such as a password or credit card number), generally for malicious purposes, by assuming the identity of a trusted authority. One common form of phishing is an email pretending to be from a user’s bank, asking the user to enter his/her online banking login information on another site.
Pharming is the (generally malicious) attempt to redirect a user to an imposter website, either by altering a file on the user’s computer or by attacking the DNS server which converts URLs into IP addresses.
A podcast is a regularly updated series of audio files from a content provider, the modern analogue of a radio program. The term was coined as a portmanteau of “iPod” and “broadcast”, though today podcasts are commonly downloaded or streamed onto any number of smartphones and other mobile devices.
A private key is the tool used to decrypt messages in an asymmetric encryption scheme. As its name suggests, this key is not made public, unlike the public key used to encrypt the message. See also asymmetric encryption and public key.
VPN Protocols are the methods by which your device connects to a VPN server. Some common protocols are UDP, TCP, SSTP, L2TP, and PPTP. Find out about the different protocols here.
A proxy is an intermediary server that allows the user to make indirect network connections to other network services.
A public key is the key used to encrypt a message in asymmetric encryption. Unlike the private key, the public key can safely be shared with anyone without compromising the security of the message.
Rogue security software
Rogue security software is malware that poses as anti-malware software, often in an attempt to install additional malware or solicit money for its false services.
Ransomware describes malware that prevents a user from accessing normal functions of a system unless a ransom is paid to its creator.
Data recovery is the process of using backups, e.g., from a hard drive or online storage, to restore lost data.
A router is a piece of hardware that directs traffic between networks, most commonly between a computer and the rest of the Internet. Practically, the word “router” is often used as shorthand for “wireless router”, a type of router that also functions as a wireless access point.
RSS stands for Really Simple Syndication, and is a popular method for publishing regularly updated content on the Internet. Instead of repeatedly checking a website for new content, a user can subscribe to an RSS feed using a feed reader or aggregator to receive automatic updates from that and other sites.
A rootkit is a type of stealth malware designed to hide its own existence from detection. Because of this, rootkits are often extremely difficult to remove, and often necessitate completely wiping the hard drive and reinstalling the operating system.
As opposed to asymmetric encryption, symmetric encryption requires the same key to encrypt and decrypt a message. Therefore both keys must be private in order to keep the message secure, unlike asymmetric encryption in which the key for encryption can be public.
SMTP stands for Simple Mail Transfer Protocol, a standard set of rules for sending email through the Internet. At the user level, it is generally used only as a sending protocol. For receiving, applications generally prefer other protocols like POP3 or IMAP.
Social engineering is the umbrella term covering scams like phishing, pharming, spam, and scams. Unlike other forms of malicious hacking that exploit a user’s software, social engineering exploits our natural tendency to trust each other.
Spam is unwanted email, also known as junk mail. Modern email clients like Gmail automatically detect messages likely to be spam and sort it into a separate folder.
SPIM is spam in instant message (IM) form. See also spam.
SPIT is spam over VoIP, e.g. Skype or Viber. See also spam.
Split Tunneling is the process of allowing a VPN user to access a public network while also allowing the user to access resources on the VPN.
Spyware is malware that logs data from a user’s computer and secretly sends it to someone else. This data can be anything from a user’s browsing history to login names and passwords.
Spear phishing refers to phishing targeted at a specific user or organization. Because of this targeting, spear phishing more likely to appear authentic to its victims, and is generally more effective at deceiving them. See also phishing.
SSL stands for Secure Sockets Layer. It is the standard security technology for establishing an encrypted link between a web server and a browser, ensuring that all data passed between the web server and browser remains private and secure.
A Trojan horse, or simply Trojan, is malware masquerading as legitimate software, named after the famous Trojan horse in which ancient Greek soldiers smuggled themselves into Troy. Trojans often act as a backdoor to give an attacker remote access to a user’s computer. See also backdoor.
URL stands for Uniform Resource Locator. A URL is a web address, like www.expressvpn.com. When a user types a URL into a web browser, the URL is then translated into an IP address by a DNS server. See also DNS.
URL spoofing is the attempt to mislead a user to a different (often malicious) website by imitating or “spoofing” a legitimate URL.
A computer virus is malware that replicates itself and infects computer data, files, programs, and systems, similar to its namesake that infects human bodies. See also malware.
VPN stands for Virtual Private Network. It is an encrypted tunnel between two devices which allows you to access every website and online service privately and securely.
In the context of computing, a vulnerability refers to a known weakness in a piece of software that could potentially be exploited by an attacker. Software developers generally test for vulnerabilities and release patches to fix them. See also exploit and patch.
VoIP stands for Voice over IP (Internet Protocol). VoIP is the Internet equivalent of a telephone service, most commonly implemented by Skype and Google Hangouts.
ExpressVPN is a premier VPN client that offers best in class security with easy-to-use software.
A web page is a file on a server that can be accessed by someone via the Internet. Generally, this file is written in HTML and includes text, images or other media, and links to other web pages.
A web server is a computer that stores, processes, and delivers web pages to clients who request them. This is usually done through a web browser which then displays the page to the user.
WEP stands for Wired Equivalent Privacy, and is a security protocol for wireless networks. Due to known security flaws, WEP has since been superseded by WPA and WPA2. See also WPA.
Wi-Fi (a play on “Hi-Fi”) is a local area wireless technology that lets devices network with each other over radio frequencies.
A Wi-Fi hotspot is a physical location where you can connect your Wi-Fi-enabled device to the Internet over a public wireless network. Be careful, though! While many Wi-Fi hotspots use WEP or WPA security protocols to encrypt your connection, others have no such security features, leaving you and your data vulnerable to malicious third parties.
Like a virus, a worm is self-replicating malware. Unlike a virus, a worm is a standalone program and does not need to be part of another program to function. See also virus.
WPA stands for Wi-Fi Protected Access. WPA is a wireless security protocol designed to replace WEP with better encryption and authentication. In turn, WPA2 is a replacement for WPA. See also WEP.
XML stands for Extensible Markup Language and like HTML, is used to format and present information on web pages. However, unlike HTML it does not have a fixed set of formatted tags but instead acts as a meta-language. This flexibility allows webmasters to be able to construct their own markups.