Security glossary

Below you will find explanations of the most important terms relating to IT fraud. If you cannot find a specific term, try following the link at the bottom of this page.

  • Adware

    Adware is a generic term for applications that display unwanted advertisements on computers and mobile devices. Adware may also monitor your online behaviour and record the history of websites visited.

  • Antispyware

    Antispyware can prevent computers and mobile devices from being infected with adware and spyware. Most antispyware programs scan devices for adware and spyware and provide real-time protection.

  • Cash trapping

    Cash trapping is a scam that involves attaching a device to an ATM to prevent the user from retrieving cash. When the ATM user leaves because he or she believes that the ATM is broken, the fraudsters will use a special tool to get hold of the money.

  • CEO fraud

    In the case of CEO fraud, the fraudster pretends to be the CEO or another senior staff member, tricking an employee into transferring money to an unknown account.

  • DDoS

    DDoS (Distributed Denial of Service) is an attack in which a number of computers in a network communicate with a server or a system at the same time, thus overloading it so it breaks down.

  • DoS

    DoS (Denial of Service) has the same purpose as DDoS, but the attack comes from a single computer.

  • EV certificates

    EV certificates are an extension of the ordinary SSL certificates that make it possible to offer encrypted (secure) connections. In order to get an EV certificate, both the domain and the company behind it must be approved by a verified third party. On websites with EV certificates, the browser’s address bar is green. (See also SSL certificates.)

  • Firewall

    A firewall is hardware or software blocking unwanted traffic to and from a network – typically the internet. A firewall thus provides good protection against both hacker attacks and worms. Like all other programs, firewalls must be updated regularly in order to provide the best possible protection.

  • Encryption

    Encryption means that you make information unreadable to anyone other than the recipient of the information. Encryption is used for increasing security when information is exchanged.

  • Malware

    Malware is a generic term for concealed programs that may damage or take control of computers, mobile phones and tablets. It includes viruses, worms, trojan horses, spyware, adware and ransomware. Malware is designed to gain access to sensitive information and to destroy data and operating systems.

  • Mobile Device Management (MDM)

    Mobile Device Management is a solution that enables IT departments to manage content on mobile devices. It allows IT department staff to add and delete apps, update apps and manage rights on every mobile device in a business.

  • Phishing

    The purpose of phishing is to get a victim to disclose personal information. This can be done through a fake website or an e-mail that seems to come from a bank, a public authority or a well-known company. Phishing may also involve malware (a generic term for concealed programs that may take control of computers, mobile phones and tablets).

  • Ransomware (see malware)

    Ransomware involves fraudsters blocking the access to a victim’s own data and demanding a ransom to unblock the data.

  • Shoulder surfing

    Shoulder surfing is a term for situations in which fraudsters look over your shoulder to see the PIN you enter and then steal your payment card. Shoulder surfing typically takes place in a shop or at an ATM.

  • Security gaps

    Security gaps are minor errors in programs and operating systems that enable fraudsters to gain access to computers, mobile phones and tablets. Consequently, it is important always to keep programs updated to the latest versions that have closed known security gaps.

  • Skimming and card fraud

    Skimming is a type of fraud in which fraudsters use a special card reader to copy the contents of the magnetic stripe on a payment card. Skimming can also occur at unmanned terminals such as ATMs and petrol stations, in shops, at parking meters, in restaurants and other places where card readers are frequently used.

  • Smishing

    Like phishing, smishing is a method to get a victim to disclose personal information. Smishing uses text messages that seem to come from a bank, a public authority or a well-known company. In rare cases, smishing may also involve malware (a generic term for concealed programs that may take control of computers, mobile phones and tablets).

  • Social engineering

    Social engineering is a term for manipulating people into performing certain actions or divulging personal information. Contact is made by e-mail or phone and, in some cases, also by the fraudster contacting the victim face to face. Social engineering is often conducted through phishing or smishing.

  • Spear phishing

    Spear phishing is phishing directed at selected persons. Before the attack, the fraudsters will find background information about you, and they will contact you through a hacked e-mail or from an e-mail address that appears to belong to someone you know.

  • Spyware (see malware)

    Spyware collects information about persons or organisations without their knowledge. The information may subsequently be shared or sold to a third party.

  • SSL certificates

    SSL is a security technology that makes it possible to establish an encrypted (secure) connection between a web server and a browser. In order to provide an SSL connection, the domain must be approved by a verified third party. SSL connections have a URL starting with ‘https’, and the browser’s address bar usually contains a padlock symbol. (See also EV certificates.)

  • Trojan horses (see malware)

    A trojan horse is a term for a harmful program purporting to be harmless.

  • Virtual Mobile Infrastructure (VMI)

    Virtual Mobile Infrastructure is the mobile phone answer to a virtual desktop. With VMI, selected apps and data are physically located not on the mobile phone but on a server. So if a mobile phone is lost or stolen, it is easy for a business to shut down access to its data. VMI also provides a firewall between personal content and work-related content. In businesses that use mobile phones for both personal and work-related purposes, viruses in personal programs and apps can thus be prevented from spreading to the business’s infrastructure.

  • Viruses (see malware)

    A virus is a small program or code that will change the way a computer, mobile phone or tablet works. A virus attaches itself to a file or a program and spreads when the file or the program is copied from one device to another.

  • Vishing

    Like phishing and smishing, vishing is designed to coax confidential information out of others. In this case, the fraudster contacts the victim by phone, IP calls or voice mail, posing as a support employee from a well-known company such as Microsoft.

  • VPN

    A VPN (Virtual Private Network) is a secure, encrypted point-to-point connection through a data network (such as the internet).

  • Worms

    A worm is a harmful computer program which, in contrast to a virus, does not need a file or a program to spread. A worm replicates itself and spreads through a network. This may cause major and costly damage by the use of bandwidth alone.