All | # A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
There are currently 188 names in this directory
A top-level domain (TLD) in the Domain Name System of the Internet [ Type : Regulatory ]
Address Record. An A record maps a domain name to the IP address of the computer hosting the domain. An A record is used to find the IP address of a computer connected to the internet from a name. [ Type : Data ]
A/AAAA Record
IPv4 and IPv6 addresses associated to a hostname.
Abuse Box feed
An email box where users may submit complaints against any concerned domain. . [ Type : Analysis ]
Account suspension
Suspension of fraudulent emails or social media accounts [ Type : Response ]
Accredited domain registrars of a registry
Registrars that are officially recognized by a Registry to provide domain-related services [ Type : Registry ]
The acquiring bank (also merchant bank or acquirer) is the financial institution that maintains the merchant’s bank account. The contract with the acquirer enables merchants to process credit and debit card transactions. The acquiring bank passes the merchant’s transactions along to the applicable issuing banks to receive payment. [ Type : Credit Cards ]
Advance Fee Fraud/419 Scam/Nigerian 419
An advance-fee scam is a form of fraud and one of the most common types of confidence tricks. The scam typically involves promising the victim a significant share of a large sum of money, in return for a small up-front payment, which the fraudster requires in order to obtain the large sum. If a victim makes the payment, the fraudster either invents a series of further fees for the victim or simply disappears [ Type : Attack]
Advance Fee Fraud is a fraud in which the scammer convinces the victim to send an upfront money in return for services or higher pay back. [ Type : Terminology ]
Air Gap
Having a critical computer or machine in a physically isolated location as well as disconnecting it from the internet. [ Type : Terminology ]
Angler Phishing
An attack in which the fraudster will masquerade as a customer support representative on social media to send phishing links to customers in order to get their information such as username and password as well as other personal information. [ Type : Terminology ]
App permissions
An app asking the user to grant permission to be able to execute tasks on thier device without consent or without informing the user. [ Type : Terminology ]
Advanced Persistent Threats are attacks in which the attacker stays inside the system to spy and steal information rather than penetrate the network to cause damage. [ Type : Terminology ]
AS number
Autonomous system [ Type : Terminology ]
Astroturfing is abusing the power of customer reviews on sites like Yelp, Facebook, Amazon and others. Either a place of business will post rave reviews from fake customers about their product, or a business will post bad reviews about a competitor.   [ Type : Terminology ]
Back links / Inward links
A backlink is any link received by a web node (web page, directory, website, or top level domain) from another web node.  [ Type : Analysis ]
Bastion host
A host with very few services/applications running on it, usually put between the internal network and the internet. This point acts as a proxy and is the only entry point to the internal network. [ Type : Terminology ]
BGP peers
When BGP runs between two peers in the same autonomous system (AS), it is referred to as Internal BGP (iBGP or Interior Border Gateway Protocol). When it runs between different autonomous systems, it is called External BGP (EBGP or Exterior Border Gateway Protocol). [ Type : Terminology ]
BGP route
When BGP runs between two peers in the same autonomous system (AS), it is referred to as Internal BGP (iBGP or Interior Border Gateway Protocol). When it runs between different autonomous systems, it is called External BGP (EBGP or Exterior Border Gateway Protocol). [ Type : Terminology ]
Bank Identification Number. Which is the starting digits of a credit card, most commonly 6 or 8 digits.
Refers to the registration of a domain names one bit different than a popular domain. The name comes from typo-squatting: the act of registering domain names one key press different than a popular domain. [ Type : Terminology ]
Black Hat SEO
In search engine optimization (SEO) terminology, Black Hat SEO refers to the use of aggressive SEO strategies, techniques and tactics that focus only on search engines and not a human audience, and usually does not obey search engines guidelines. [ Type : Terminology ]
Blackbox Testing - Whitebox testing - Graybox Testing
Scenarios that an ethical hacker will face while performing penetrations testing.
Blackbox testing: the hacker does not know the in/outs of the IT infrastructure. Usually launches a full scale brute force attack to reveal vulnerabilities. Can be very time consuming.
Whitebox testing: attacker has full knowledge and access to the source code and infrastructure. A more thorough test can be performed in this type of pen testing.
Graybox testing: attacker has partial knowledge/access, and can focus on specific weaknesses and discover more as he moves along. [ Type : Terminology ]
Blended Attack
A cyber attack that comprises multiple attack vectors and malware is known as a blended attack. Such attacks usually cause severe damage to targeted systems. [ Type : Terminology ]
Botnet comprises of multiple Internet-connected devices, each of which is running one or more bots. Botnets may be used to perform Distributed Denial-of-Service (DDoS) attacks, steal data, send spam, and allows the attacker to access the device and its connection. [ Type : Terminology ]
Brand Casting
Promoting a brand, product or service by streaming video of events, product demonstrations and other offline experiences through online media channels. [ Type : Response ]
Brand Infringement
Brand infringement is an encroachment, violation, misappropriation, and/or disparagement of a message, identity, goodwill, talent, work, products, and intellectual property rights of a brand. [ Type : Attack ]
Brand jacking
Activity whereby someone acquires or otherwise assumes the online identity of another entity for the purposes of acquiring that person's or business's brand equity. [ Type : Attack ]
Brand Management
The activity of supervising the promotion of a particular brand of goods. [ Type : Service Suite ]
Brand Protection
The ​act of preventing someone from ​illegally making and ​selling a ​product using a ​brand ​name ​owned by another ​company [ Type : Service Suite ]
Buffer Overflow
When data being entered exceeds a buffer's fixed length, the data then starts overflowing adjacent memory space causing system shutdown, data corruption, or give the attacker access to the rest of the system. [ Type : Terminology ]
Bullet proof hosting
Bulletproof hosting (sometimes known as bulk-friendly hosting) is a service provided by some domain hosting or web hosting firms that allows their customer considerable leniency in the kinds of material they may upload and distribute. [ Type : Terminology ]
Business Email Compromise (BEC)
Business Email Compromise (BEC) is a sophisticated scam targeting businesses working with foreign suppliers and/or businesses that regularly perform wire transfer payments. The scam is carried out by compromising legitimate business e-mail accounts through social engineering or computer intrusion techniques to conduct unauthorized transfers of funds. [ Type : Terminology ]
Business email compromise (BEC)
Business email compromise (BEC) scams that attempt to trick senior staff at medium and large corporations into transferring large sums of money typically rely on the same formats - either compromising the CEO's account, spoofing the CEO's email address, or using a form of typo-squatting where the email address uses a domain which resembles the targeted company's actual domain. [Type: Attack]
C&C Command and Control
Command and control refers to the main server used by a DDoS attacker to control the botnets used in a DDoS attack. [Type: Terminology]
Country Code Top Level Domain [Type: Terminology]
Cooperative Cyber Defense - Center of Excellence. A military organization that falls under the NATO umbrella. This organization is responsible for training NATO members and protecting NATO nations from cyberattacks. Additionally, CCD-COE created a manual, the Tallinn Manual, that explains how a nation can respond to cyberattacks while taking international laws in consideration.  [Type: Terminology]
Cease & Desist
A document sent to an individual or business to halt purportedly unlawful activity ("cease") and not take it up again later ("desist"). [ Type : Response]
Change of Billing
A form of fraud where a criminal who gained access to a victim's bank account changes the billing address to prevent the victim from receiving the monthly bills, thus allowing the fraudster to remain undetected. [ Type : Terminology]
Clear Web
The unencrypted part of the internet which is accessible by everyone using standard browsers. [ Type : Terminology]
Cousin Domain
A registered domain name that is deceptively similar to a target name, which can be a domain name or the name of a known entity [ Type : Terminology]
Common Vulnerabilities and Exposures is a database that contains all known vulnerabilities. These vulnerabilities have been tagged by a specific code such as: CVE-2019-5736 [ Type : Terminology]
Cyber Deterrent
A factor which disencourages the attacker from initiating the attack. [ Type : Terminology]
Cyber espionage
The use of computer networks to gain illicit access to confidential information, typically that held by a government or other organization. [ Type : Terminology]
Cyber War
The use of computer technology to disrupt the activities of a state or organization, especially the deliberate attacking of communication systems by another state or organization. [ Type : Terminology]
Cybersquatting is the practice of registering domains identical or similar to a third party company name or trade mark. [Type: Attack]
Dark Web
An encrypted network that is not indexed by normal search engines. Can only be accessed using specialized software. Dark Web is a small part of the Deep Web. [Type: Terminology]
Data leakage
Confidential data being published anywhere on the internet inclusive of Email addresses. [Type: Attack]
A denial-of-service (DoS) or distributed denial-of-service (DDoS) attack is an attempt to make a machine or network resource unavailable to its intended users. Distributed denial-of-service attacks are sent by two or more persons, or bots, whereas denial-of-service attacks are sent by one person or system. [Type: Attack]
De-indexing in search engines
Removing fradulent sites from search engine rankings. [Type: Response]
Dead Man's Switch
A system that requires often human interaction to prevent a process from being triggered. Extortionists use a Dead Man's Switch to force the victim to comply and not go to the authorities. In case the extortionist gets arrested, the process will be triggered and the information will be released to the public. [Type: Terminology]
Deep Web
Parts of the world wide web which have not been indexed by search engines as they are encrypted. [Type: Terminology]
Website defacement is an attack on a website that changes the visual appearance of the site or a webpage. These are typically the work of system crackers, who break into a web server and replace the hosted website with one of their own. [Type: Attack]
Defang URL
The process of rewriting the URL into a form that cannot be clicked. [Type: Terminology]
Defensive (Domain) Registration
Buy more domain names, "just in case." [Type: Response]
Delist domains from RBLs
Removing links/emails from Blackhole list. [Type: Response]
False data is submitted to phish sites to dilute the quality of information collected by the phisher. [Type: Response]
Digital Millennium Copyright Act. [Type: Regulatory]
DNS poisoning
DNS spoofing (or DNS cache poisoning) is an attack whereby data is introduced into a Domain Name System (DNS) name server's cache database, causing the name server to return an incorrect IP address, diverting traffic to another computer. [Type: Attack]
DNS record
List of DNS record types is an overview of resource records (RRs) permissible in zone files of the Domain Name System (DNS). [Type: Data]
The Domain Name System Security Extensions (DNSSEC). [Type: Terminology]
Dolphin Attack (Inaudible Voice Commands)
An attack where hackers use ultrasonic frequencies to launch a voice command to phones to unlock them and steal information. [Type: Terminology]
Domain expiry
The expiration of a domain (after which it will no longer be online). [Type: Terminology]
Domain Management
Domain portfolio management services are dedicated services offered to help companies to manage big portfolio of domain name. [Type: Service Suite]
Domain Registrar
A domain name registrar is an organization or commercial entity that manages the reservation of Internet domain names. [Type: Terminology]
Domain Registration Alerts
CTM360 Domain Registration Alerts to detect typosquatting, cybersquatted or potential phishing or cyber evil twin websites. [Type: Analysis]
Domain Squatting
Registering, selling or using a domain name with the intent of profiting from the goodwill of someone else's trademark. [Type: Attack]
Domain suspension
Going to a domain authority and requesting the suspension of a domain. [Type: Response]
Domain tasting
The practice of a domain name registrant using the five-day “grace period” (the Add Grace Period or AGP) at the beginning of the registration of an ICANN-regulated second-level domain to test the marketability of the domain. [Type: Terminology]
Domain Validation certificate
Is an X.509 digital certificate typically used for Transport Layer Security (TLS) where the identity of the applicant has been validated by proving some control over a DNS domain. [Type: Terminology]
Diverse group of new, relevant and expressive Internet domain names. [Type: Registry]
Doppelganger domain
A doppelganger domain is similar to typosquatting domain. It is a domain which is missing "." (dot) in a domain name. For example, an instance of Doppelganger domain for is (notice the missing dot). When the content on these domain matches branding and content of the original website, users are not able to tell the difference and are more likely to be tricked by an attacker (e.g., for credential harvesting or financial fraud). [Type: Terminology]
DoS layer 3
A denial of service attack that targets the Network layer. This attack, similar to DoS Layer 4, depends on flooding the attacker with very high volume of data to reduce the system's perfomance and users from accessing the system. [Type: Attack]
DoS layer 4
A denial of service attack that targets the Transport layer. This attack depends on flooding the attacker with very high volume of data to reduce the system's perfomance and users from accessing the system. [Type: Attack]
DoS layer 7
A denial of service attack that targets the Application layer. This attack targets features such as HTTP, SNMP, FTP. Additionally, this type of attack is hard to detect as the traffic resembles real users. [Type: Attack]
DoS or DDoS
In computing, a denial-of-service (DoS) or distributed denial-of-service (DDoS) attack is an attempt to make a machine or network resource unavailable to its intended users. [Type: Attack]
Downgrade Attack
An attack in which the victim is negotiated into using older and more vulnerable security protocols, making it easier for the attacker to launch the attack. [Type: Attack]
Doxing simply refers to the process of publishing other people’s information such as name, age, email, address, telephone number, photographs etc. using publicly available sources such as the Internet for malicious purposes. [Type: Terminology]
Drive by malware
Malware delivery technique that is triggered simply because the user visited a website. [Type: Attack]
Email Wire Fraud
The purpose of this type of email is very simple—to get the recipient to process a payment for non-existent goods or services by way of a wire or credit transfer. The scammers send an email to a target recipient, usually pretending to be from the CEO or a senior executive of an organization. The scammers will usually send the fake wire transfer emails to employees working in the finance department of a company, as those employees will have the ability to action payment requests. [Type: Terminology]
Extended validation certificate
An Extended Validation Certificate (EV) is a certificate used for HTTPS websites and software that proves the legal entity controlling the website or software package. [Type: Terminology]
Fast Flux
Fast flux is a DNS technique used by botnets to hide phishing and malware delivery sites behind an ever-changing network of compromised hosts acting as proxies. [Type: Terminology]
Form Grabber
Malware designed to record sensitive information that the targeted user provides in forms on the Internet. These malware particularly target the victim’s financial information. [Type: Terminology]
Providing security vendors fraudulent IP and Domains to be blocked in real-time through browsers, email firewalls, ISPs, proxies and any other relevant security products. [Type: Response]
Unjustifiably claiming or being credited with particular accomplishments or qualities. [Type: Terminology]
A generic top-level domain (gTLD) is one of the categories of top-level domains (TLDs) maintained by the Internet Assigned Numbers Authority (IANA) for use in the Domain Name System of the Internet. It is visible to Internet users as the suffix at the end of a domain name. [Type: Terminology]
The subversive use of computers and computer networks to promote a political agenda. [Type: Terminology]
High-yield investment program (HYIP) fraud
An investment scam that promises unsustainably high return on investment by paying previous investors with the money invested by new investors. [ Type: Attack ]
Hijacking accounts
Account hijacking is a process through which an individual's email account, computer account accessed by an unauthorized user. [ Type: Attack ]
Host File poisoning
Injecting new entries for Internet sites. [ Type: Attack ]
Internet Assigned Numbers Authority. [ Type: Regulatory]
The Internet Corporation for Assigned Names and Numbers. [ Type: Regulatory]
IDN tables
IANA maintains the collection of “IDN tables”, which represent permitted code points (letters) allowed for Internationalised Domain Name registrations in particular registries. [ Type: Terminology]
Act of pretending to be another person for the purpose of entertainment or fraud. [ Type: Attack ]
Inference Attack
An inference attack is a data mining technique used to illegally access information about a subject or database by analyzing data. This is an example of breached information security. Such an attack occurs when a user is able to deduce key or critical information of a database from trivial information without directly accessing it. [ Type: Terminology]
Inframe hijacking
Hijacking nested browsing context, effectively embedding another HTML page into the current page. [ Type: Attack ]
The Internet's Network Information Center. [Type: Regulatory]
IP Management
IP address management (IPAM) is a means of planning, tracking, and managing the Internet Protocol address space used in a network. [ Type: Service Suit]
IP Payments
IP Payments is a PCI Level 1 compliant financial services organisation that provides payments, accounts receivable automation and PCI DSS compliance solutions. [ Type: Terminology]
The issuing bank is the financial institution that issues credit cards to consumers on behalf of the card networks (Visa, MasterCard). The issuer acts as the middle-man for the consumer and the card network by contracting with the cardholders for the terms of the repayment of transactions. [ Type: Credit Cards]
Job Scam
Scammers trick victims into handing over their money by offering a 'guaranteed' way to make fast money or a high-paying job for little effort. [ Type: Attack ]
Layered Security
Also known as layered defense, it is the practice of having multiple layers of security protecting the data. [ Type: Terminology]
Mail bounce back feed
Mail bounce back are system generated files when emails are not sent due to a wrong email or there is an inbox space issue. [ Type: Analysis]
MITB Man in the browser
A proxy Trojan horse that infects a web browser by taking advantage of vulnerabilities in browser security to modify web pages, modify transaction content or insert additional transactions, all in a completely covert fashion invisible to both the user and host web application. [ Type: Attack ]
MITM Man in the middle
Attacker secretly relays and possibly alters the communication between two parties who believe they are directly communicating with each other. [ Type: Attack ]
Money Mule
A money mule or sometimes referred to as a "smurfer" is a person who transfers money acquired illegally (e.g., stolen) in person, through a courier service, or electronically, on behalf of others. The mule is paid for their services, typically a small part of the money transferred. Money mules are often dupes recruited on-line for what they think is legitimate employment, not aware that the money they are transferring is the product of crime. The money is transferred from the mule's account to the scam operator, typically in another country. Similar techniques are used to transfer illegal merchandise. [ Type: Terminology]
Monitoring Domain for up/down
Monitoring the availability and performance of web pages of web applications. When not accessible, notifications are sent and corrective actions can be triggered. Website performance monitoring feature checks for various attributes such as response time, etc. [ Type: Analysis ]
Monitoring URL for content
Checks a single URL for its availability, and then continues to search the page for a predefined string of text. If an identical text string isn't identified, an alert is sent to the Monitoring Team. Ideal for sites that demand uptime, contain several critical pages, dynamic content or complex applications/environments. [ Type: Analysis ]
Mtoken App
A software once activated, displays a new eight-digit tokencode once every minute. [ Type: Attack ]
MX record
Mail Exchange Record. [ Type: Data ]
Name Based Virtual Hosting
Configuring DNS servers to map each hostname to the correct IP address and then configure the HTTP Server to recognize the different hostnames. [ Type: Terminology ]
Nigerian 419
The scam typically involves promising the victim a significant share of a large sum of money, which the fraudster requires a small up-front payment to obtain. [ Type: Terminology ]
NTP based DDoS
Network Time protocol Denial of Service Attack. [ Type: Attack ]
Organization Validation certificate
Is a certificate that confirms the existence of the organisation. [ Type: Terminology ]
If you click on a link and find yourself at an unexpected website, you may have been ‘pagejacked’. This happens when someone steals part of a real website and uses it in a fake site. If they use enough of the real site, Internet search engines can be tricked into listing the fake site and people will visit it accidentally. The fake site could contain unwanted or offensive material. As an online merchant trading via a website, you need to know that your site isn’t being stolen in this way. Unfortunately you can’t prevent pagejacking; you can only deal with it after you know it’s a problem. [ Type: Terminology ]
Passive honey pot
A method of acquiring spam for analysis, via planting of bogus email addresses which are rigged to forward emails to a specific mailbox. [ Type: Analysis ]
Password Spraying
It is an advanced brute-force technique that attempts to attack multiple user accounts with commonly used passwords. [ Type: Terminology ]
A patent is a set of exclusive rights granted by a sovereign state to an inventor or assignee for a limited period of time in exchange for detailed public disclosure of an invention. An invention is a solution to a specific technological problem and is a product or a process. Patents are a form of intellectual property. The procedure for granting patents, requirements placed on the patentee, and the extent of the exclusive rights vary widely between countries according to national laws and international agreements. Typically, however, a granted patent application must include one or more claims that define the invention. A patent may include many claims, each of which defines a specific property right. These claims must meet relevant patentability requirements, such as novelty and non-obviousness. The exclusive right granted to a patentee in most countries is the right to prevent others from commercially making, using, selling, importing, or distributing a patented invention without permission. [ Type: Terminology ]
Patent Citation
When referenced in a document, patents must be cited like books, journal articles, or any other resource. While its presentation varies according to individual style requirements, a citation for a patent should enable your reader to locate the patent and understand the basics (title, inventor, date, whether it is an application or a patent). The citation should enable readers to distinguish the patent in question from similar or related patents. [ Type: Terminology ]
Patent Portfolio management
A patent portfolio is the list of patents owned by an individual or a company. Managing your patent portfolio and comparing it to those of other companies is essential to helping you better determine the economic value of your own patents and remaining competitive. [ Type: Service Suite ]
Pay Per Click (PPC)
An internet advertising model used to direct traffic to websites, in which advertisers pay the publishers. [ Type: Attack ]
DNS poisoning to redirect legitimate internet traffic of your websites to a fraudulent page. [ Type: Attack ]
Phish host
Phish Creator [ Type: Data ]
Phish tagging
Database with phish links. [ Type: Analysis ]
Webpage impersonating the client with the objective of collecting their customers' information. [ Type: Attack ]
Phishing Kits
Phishing kits are kits provided by hackers for people with basic computer skills to launch phishing attacks. The kit includes several items which make launching a wide scale phishing attack easy such as spamming software, source code, and script to launch the attack. [ Type: Terminology ]
Polymorphic Virus
A polymorphic virus is a malicious program that modifies itself when it replicates. This technique enables it to evade detection by security software. [ Type: Terminology ]
Potentially Unwanted Program
PUP is a program that piggybacks software downloaded by the user. It is an unwanted program that downloads with the user's consent such as spyware, adware, or toolbars for browsers. [ Type: Terminology ]
Privilege Escalation
An attack in which the user will attempt to exploit bugs in the system allowing them to reach and use resources which should not be accessed by them. [ Type: Terminology ]
Random Forest
Grouping the output of multiple decision trees together into a final result. This should be used when a single decision tree does not provide accurate results for all scenarios. [ Type: Terminology ]
Realtime Blackhole List. [ Type: Data ]
Reclaim Accounts
A process to regain control over a hijacked account. [ Type: Response ]
Red Team - Blue Team
An exercise in which a system's security is tested by security experts. Red team is in charge of attacking and gaining access/control of an objective while the blue team is responsible for defending it. This exercise is meant to test the system and reveal vulnerabilites and measure the readiness of the security team responsible for defending it. [ Type: Terminology ]
Reserved domains
Domain has been reserved via the dropcatcher service. Incase the user decides not to renew the domain, another person can take it. [ Type: Terminology ]
Reverse WHOIS
The Reverse whois will do a reverse IP lookup. If an IP address is typed, it will attempt to locate a DNS PTR record for that IP address. Reverse WHOIS provides clients with ownership and relationship information for entities on the Internet, including domain names, IP addresses, registrars, registries and ISPs. [ Type: Analysis ]
Root Zone
Root Zone refers to the highest level of the Domain Name System (DNS) structure. It contains the names and the numeric IP addresses for all the top level domain names such as the gTLDs (.com, .net, .org, .jobs), and all the country code top level domains (ccTLDs), for example (.us, .uk .ph), including the entire list of all the root servers. The DNS root zone contains only 280 delegations of generic, country code and internationalized top level domain names (TLD)s and its size is more or less 80,000 bytes. It also changes slowly and absorbs only one minor change per TLD every year. The National Telecommunications Information Administration (NTIA), ICANN, Verisign and the Root Server Operators play significant roles in the management and process of the root zone. NTIA is an agency under the United States Department of Commerce, which represents the federal government in a contract entered in with ICANN and Verisign, which grants the organizations separate functions in managing the performance of the root zone. NTIA is responsible in reviewing and approving whatever changes that need to be implemented within the root zone. ICANN is the operator of the Internet Assigned Numbers Authority (IANA), which is responsible for the day-to-day management of the DNS root zone. IANA assigns the operators of the top level domain and ensures the maintenance and the administrative details of the TLDs. It is also responsible for the coordination of the Internet Protocol (IP) and Autonomous System Numbers (ASN) to the Regional Internet Registries (RIR). Verisign, and formerly Network Solutions, serves as the root zone administrator under a cooperative agreement entered with the United States government; this has been in effect since 1998. The Root Server Operators' primary role is to make sure that the operations of the root zone is always accurate, available, reliable and secure. There are thirteen Root Server Operators in the database of the root zone, which include: A - Verisign Global Registry Services B - Information Sciences Institute C - Cogent Communications D - University of Maryland E - NASA Ames Research Center F - Internet Systems Consortium, Inc. G - U.S. DOD Network Information Center H - U.S. Army Research Lab I - Autonomica/NORDUnet K - RIPE NCC L - ICANN M - WIDE Project. [ Type: Terminology ]
Supervisory control and data acquisition. [ Type: Terminology ]
A form of social engineering where victims are tricked into thinking that their device is infected with a virus, encouraging them to download an anti virus software, which in fact is malicious. [ Type: Terminology ]
Search Engine Optimization SEO
The process of affecting the visibility of a website or a web page in a search engine's unpaid results. [ Type: Terminology ]
Search Engine ranking
Refers to the position at which a particular site appears in the results of a search engine query. [ Type: Analysis ]
Security News feeds
A security news feed is list of newly published security news content on a website. [ Type: Data ]
Shadow IT
Or Stealth IT, is a term often used to describe information-technology assets without explicit IT approval. [ Type: Terminology ]
Shutting down of Content and Websites related to Phishing Activities. Asking host to takedown certain content. [ Type: Response ]
Skill Squatting
An attack which takes advantage of speech recognition systems' errors. Example: A person with bad intent can create a malicious mobile application called Ramazon. When a user tries to install Amazon application on their phone using voice commands, the voice recognition system might hear "Ramazon" instead of "Amazon" and end up downloading the malicious application. [ Type: Terminology ]
SMS as the carrier of Phish URL. [ Type: Attack ]
Social Media Fraud
Suspicious Profiles on any social media websites that have association with the client. [ Type: Terminology ]
Socialbots are software's programmed to behave like humans on social media by posting pictures, retweeting, and even chatting with people. Socialbots can be used for malicious purposes such as distorting public opinion during political campaigns, marketing, and spreading scams. [ Type: Terminology ]
Spam feed
A feed of identified spam mails. [ Type: Data ]
Spam Feed Processing
Scoring various aspects of a spam email, often with a different weightage. [ Type: Analysis ]
Spear Phishing
Spear phishing is an email or electronic communications scam targeted towards a specific individual, organization or business. Although often intended to steal data for malicious purposes, cybercriminals may also intend to install malware on a targeted user’s computer. [ Type: Attack ]
It is a technique used to hide the existence of a message, files, or any other information. For example, hiding a text message inside an image file to avoid being discovered (Data hidden within data). [ Type: Terminology ]
Suspicious Mobile App
Mobile App published on the internet claiming to be published by client's organization. [ Type: Terminology ]
Tailgate/ Piggybacking
Illegally accessing a service/system using another persons's authorized credintials. [ Type: Terminology ]
Tailored Trustworth Space
A cyberspace environment that provides a user with confidence in its security, using automated mechanisms to ascertain security conditions and adjust the level of security based on the user’s context and in the face of an evolving range of threats. [ Type: Terminology ]
Shutting down of specific fraudulent profiles (not the full website) that affect a brand or individual including cybersquatting. [ Type: Response ]
Text sharing sites
Websites that provide online storage of text, similar to an online Notepad. Often, a source for copywrite infringement. [ Type: Analysis ]
Tilde Phish
Tilde Phish use a unique style of multiple URLs that point to websites on several domains, when in reality they send the user to the same phishing website. This method uses the fact that some web servers are configured to all al-low file path viewing on any virtual domain hosted on that server. The URLs contain a tilde (~), hence the name. [ Type: Attack]
Top Level Domain. [ Type: Terminology ]
Any word, name, symbol, or design, or any combination thereof, used in commerce to identify and distinguish the goods of one manufacturer or seller. [ Type: Terminology ]
Traffic diversion
Changing Site Traffic
Binary Trading (commonly also known as Binary Options Trading or Binary Options) is a type of option where the trader takes a yes or no position on the price of a stock or other assets, with the resulting payoff being all or nothing. Questionable activities such as brand infringement, unregistered establishments, identity theft, misrepresentation of potential gains and back-end manipulation of software to cheat users is common in the name of BOT. As there does not appear to be an explicit legal framework to govern binary trading, online companies continue to operate and trap victims. This type of scam is known as TRAP10. [ Type: Terminology ]
The act of trash talking or annoying someone using the internet for fun. Trolling usually involves using sarcasm to get on the nerves of that person.
Tactics (or Tools), Techniques, and Procedures is the behavior of attackers or adversaries in the cyber space. TTPs are usually deeply analyzed to understand how the adversary works and how to expect and prepare for future attacks.
Twishing refers to phishing scams that are carried over Twitter. The attacker might tweet a post interesting or strange enough to trick users into visiting a fraudulent website and logging in with their credentials.
Twitter feeds
Tweet the last posts published via RSS feed.
Typopiracy/ Typosquatting
Typosquatting, also called URL hijacking, a sting site, or a fake URL, is a form of cybersquatting, and possibly brandjacking which relies on mistakes such as typos made by Internet users when inputting a website address into a web browser.
Uniform Domain-Name Dispute-Resolution Policy
Unauthorized Association
Declaring affiliation to a company or individual without consent
Unauthorized Job posting
Posting a job declaring affiliation to a company or individual without consent
Unauthorized Mobile Application
Creating an app declaring affiliation to a company without consent
Unauthorized profile
Creating a profile displaying affiliation to a company or individual without consent
Unauthorized usage of trademark/logo
Using company's trademark, logo, without consent of the company
Unified Threat Management
UTM is a software or hardware that combines several network security functions such as IDS/IPS, VPN, Firewall, Gateway Anti-Virus and others under one platform, making it easier to manage and monitor through a single interface.
URL redirection
A URL Redirection Attack is a kind of vulnerability that redirects you to another page freely out of the original website when accessed, usually integrated with a phishing attack.
URL shortening
Is a technique on the World Wide Web in which a Uniform Resource Locator (URL) may be made substantially shorter and still direct to the required page.
United Research Service
Service provider of domain names
Vishing (voice phishing) is a form of attack that attempts to trick victims into giving up sensitive personal information over the phone
Water Mark
Is an identifying image or pattern in paper that appears as various shades of lightness/darkness when viewed by transmitted light, caused by thickness or density variations in the paper.
Watering hole attack
An attack strategy targeting a large group of individuals by observing the websites most visited and infecting them with malware
Web Referral Log
Logs to help analyze traffic to a site
Web Skimmer
Web skimming is when a malicious code is inserted into a payment page. Whenever the customer attempts to pay online, the malicious code will steal the payment information (card number, expiry date, holder namer, security code...) and send it to the attacker.
Whaling is a type of fraud that targets high-profile end users such as C-level corporate executives, politicians and celebrities.
A Whois record contains all of the contact information associated with the person, group, or company that registers a particular domain name. Typically, each Whois record will contain information such as the name and contact information of the Registrant , the name and contact information of the registrar, the registration dates, the name servers, the most recent update, and the expiration date.
WHOIS record
Databases that store the registered users
Web Referral Log Analyzer: This is a small & simple tool, used for the early detection of Phish attacks. This tool extracts Suspicious URLs from the web server's referral logs, compares it with white list & sends the rest of the URL' to a specified email. The SOC team may analyze those emails & take necessary actions if required.
Zero-Day Vulnerability
A vulnerability in the system that the developer does not know about. These vulnerabilities are difficult to detect as they do not have a signature which anti malware or intrusion prevention systems depend on to find vulnerabilities. The vulnerability is called Zero-Day because it takes zero days for the first attack to occur since the vulnerability has been made public.
Zone files
A DNS zone is a subset, often a single domain, of the hierarchical domain name structure of the DNS. [ Type: Data ]