There are a lot of strange newly created words and acronyms in the world of cyber security, so here's a glossary of the common ones to help clarify things.

advanced persistent threat (APT)

A piece malware specifically designed to remain undetected for long periods of time on computer systems while carrying out its activities or a continuous prolonged attack that will not stop until the target is compromised.


A hacking technique to infiltrate a wireless device (such as a mobile phone) via it’s Bluetooth connection to steal data.

botnet (zombie computer)

A network of infected computers working together under the control of criminals, without the owners being aware.


Using fake social media profiles or fake identities, often in order to defraud people in romance scams.

click fraud

Generating pay-per-click (PPC) revenue from online adverts using mobile apps, scripts, bots and malware to imitate a real person and without their knowledge.


Tricking users into clicking a different button or link than they were intending to, through the use of transparent layers or invisible frames in a web page or application, to redirect them to a different destination. Also known as a User Interface (UI) redress attack or UI redressing.


A covert malware infection that uses your computers processing power (and your electricity) to generate cryptocurrencies for criminals.


A video, audio or video that has been digitally manipulated and altered to appear as someone else, and or speak like someone and say something they didn’t say, to spread false information or trick people into carrying out actions based on the instructions (like paying an invoice).

distributed denial-of-service (DDoS) attack

A way of flooding a website or web service with so much internet traffic that it cannot cope, disrupting business, using sometimes hundreds of thousands of infected computers or devices, often via a botnet.

doxing or doxware

An extortion where personal and private information is stolen and threatened to be published online unless a payment is made.


A type of malware or scam which holds you to ransom by stealing sensitive private information and threatening to release it to cause embarrassment or reputational damage if not paid.


Unscrupulous apps that after a short trial, automatically add users into a subscription contract with high recurring monthly fees, that massively exceeds the typical price of that type of app.


The term where legitimate online retailers’ websites have been compromised and modified to silently send payment information and other credentials to the criminals when you place an order.


A generic term for anything changes web browser or DNS settings, to display unwanted content or biased search engine results that the criminals earn money from, e.g. redirecting you to sexually explicit adverts, or affiliate and scam websites.

living off the land attack

An attack utilising legitimate online services or existing features within software or an operating system in order to evade detection.


A new word to describe malicious advertising, where criminals submit infected images or code into legitimate advertising platforms to be shown on other websites, and can even cause infections due to web browser vulnerabilities just by being displayed.


A generic term for any malicious software.

man-in-the-middle attack

A way of tricking a user or machine into accessing the internet via a bogus network service (often over Wi-Fi) allowing the criminal to eavesdrop and record all web activities, including sensitive information in many cases.

man-in-the-browser attack

A technique of modifying a web browser often via a Trojan infection, to bypass many of the security mechanisms, allowing the criminal to not only eavesdrop, but commit fraud.

master boot record (MBR)

The part of a storage drive that is first loaded when a computer starts and contains the information about how the drive is split up and where the operating system is. Without this information, the computer will not start, so can be used for extortion or to hide viruses, which then are loaded into memory to infect the operating system.


A new, more secure, simpler alternative to passwords for websites and apps, where credentials are linked to specific devices (computers, tablets or smartphones) where a user only needs to authenticate via a personal identification number (PIN) or biometrics like fingerprints or facial recognition to log in. For more info, see: 


The term used for the various ways to trick you into parting with sensitive information, like login credentials by using social engineering.

pop-under advert 

A new browser window which opens behind the active browser to hide it from view.

pop-up advert

A new browser window which opens in front the active browser to grab your attention.

potentially unwanted program (PUP)

Programs that while not malicious, fall into the grey category and may pose a potential risk or inconvenience or annoyance for the user.


A type of malware which holds you to ransom by encrypting your documents, so you cannot access them or by completely locking you out of your own computer, sometimes stopping it from starting at all.

remote access trojan (RAT)

A program that gives a third party complete remote access to control your computer without you being aware, often with screen recording and keystroke logging capabilities.


A targeted phishing campaign aimed at specific people or a company, combined with additional information gleaned from other sources like social media, to increase the likelihood of an attack.


A deception technique mainly used for emails and SMS text messages to make fake messages appear to be from a genuine source by manipulating the technology behind these services. Spoofed SMS messages will join any existing group of real messages if any are present on the device.


A program that effectively spying on you, without you realising. It can range from being dubious (browsing habits) to outright malicious (capturing keystrokes) and can be bundled with free software.

supply chain attack

The tactic of compromising one of the various trusted software components of an online supply chain to bypass an organisation’s security systems, such as a website e-commerce component, browser extension, update server, or open-source code library.


Taken from the Greek Trojan Horse, this is a program that appears to do one thing, but actually secretly does something else, whether that be spy on you, give criminals remote access or install viruses.


The dubious practice of registering popular domain names with common typos. Can be used to generate advertising revenue or for phishing.


A targeted phishing attack against a high value individual or department like a company board member or accounts department, which can then be used for major financial fraud and other criminal activities.

watering hole attacks

The tactic of compromising high traffic legitimate websites to infect, defraud or phish the online visitors.


A virus designed to replicate itself and infect other computers and devices on a network.

zero-day vulnerability

A flaw in software or hardware that is exploited by hackers and criminals, that the vendor is unaware of or before they have created a fix or patch once aware.