Security Terms
Below is a list of common security terms and their definitions to help you better understand how to protect yourself
and your accounts against fraud:
Adware
Software that automatically displays or downloads advertising material when a user is online. Adware is
often confused with spyware and malware, which have potentially malicious effects. Adware can be a conduit to
malware or spyware.
Antivirus software
Software that detects, repairs, cleans or removes virus-infected files. Some also detect and remove spyware, malware,
Trojan Horses and other malicious software from your computer. Usually included with most computer systems and must
be regularly updated to be effective.
Dual Control
A commercial banking security function that requires high-risk transactions such as automated clearing house
transactions or wire transfers to be submitted to the bank for processing by two separate users. Dual control makes
it harder for criminals to use key stroke tracking programs to intercept your user name and password and gain access
to your account.
Firewall
A software or hardware device that limits access to a website, network or computer. Personal firewalls for home or
business use are inexpensive and can limit unauthorized access to your home or work computer.
Keylogger
Computer program that logs each keystroke a user types and saves this data into a file or transfers it via the
Internet to a predetermined remote host. It also can capture screenshots of user activity, passwords or record
online chat conversations. Often downloaded inadvertently by users clicking on links in fraudulent emails,
keyloggers pose the most dangerous threat to user privacy.
Malware (or malicious software)
Software that is intentionally introduced into a computer system to cause harm or loss to the computer system or its
data, or be used as a platform to attack other computers. Malware can be unintentionally installed by clicking a
button on a pop-up window or visiting a malicious website. Malware can change system parameters, install additional
harmful software and may be difficult for you to remove from your system.
Patch
An update to computer software or a web browser that may fix bugs, add new features or close security holes. Most
software vendors release browser or operating system security patches regularly, so periodic maintenance is required
to ensure sound system security.
Pharming
A variation of phishing in which malicious code is installed on a personal computer or server, misdirecting users to
fraudulent websites without their knowledge or consent with the goal of capturing confidential information.
Phishing (or spoofing)
A type of scam with the intent of capturing personal information; usually a legitimate-looking email asking the user
to click a link to a legitimate-looking web page or call an 800 number, where the user is asked to provide
confidential information.
Shoulder surfing
The practice of peering at somebody's PIN or password to gain illegal access to their personal information.
Social Engineering
Tricking someone into revealing information that's useful to attackers, such as a password, via email, telephone
or face-to-face. Social engineers are merely con artists who use their powers of persuasion to get victims to act
against their own better judgment.
Spam
Unsolicited email, often commercial in nature, sent indiscriminately to multiple mailing lists, individuals or
newsgroups. The Can-Spam Act of 2003 requires spam messages to be labeled and requires an opt-out process. Spam is
usually blocked by anti-spam software, which must be regularly updated to be effective.
Spyware
Software that is generally used to monitor use of the computer in some way without the user’s knowledge or
consent. Spyware can potentially record keystrokes, browser history, passwords and other confidential and private
information and report these back to a third party using the Internet. Spyware can also deliver spam or advertising
without your notice and consent. Certain antivirus programs can detect and remove spyware.
Trojan Horse
Malicious programs hidden in game, video, music or other legitimate-looking files that are downloaded. Many antivirus
programs will detect and remove Trojan Horse programs, but must be regularly updated to be effective.
Vishing or “Voice Phishing”
Uses email and telephone or an automated answering service to trick you into providing personal information.
Worms
Programs with the ability to replicate themselves and spread from computer to computer via email or the Internet,
often shutting down entire networks. Similar to computer viruses.
Zero Day Virus
A previously unknown computer virus or other malware for which specific antivirus software signatures are not yet
available.
Return to the Security Center homepage for additional resources.
Security Terms
Below is a list of common security terms and their definitions to help you better understand how to protect yourself
and your accounts against fraud:
Adware
Software that automatically displays or downloads advertising material when a user is online. Adware is
often confused with spyware and malware, which have potentially malicious effects. Adware can be a conduit to
malware or spyware.
Antivirus software
Software that detects, repairs, cleans or removes virus-infected files. Some also detect and remove spyware, malware,
Trojan Horses and other malicious software from your computer. Usually included with most computer systems and must
be regularly updated to be effective.
Dual Control
A commercial banking security function that requires high-risk transactions such as automated clearing house
transactions or wire transfers to be submitted to the bank for processing by two separate users. Dual control makes
it harder for criminals to use key stroke tracking programs to intercept your user name and password and gain access
to your account.
Firewall
A software or hardware device that limits access to a website, network or computer. Personal firewalls for home or
business use are inexpensive and can limit unauthorized access to your home or work computer.
Keylogger
Computer program that logs each keystroke a user types and saves this data into a file or transfers it via the
Internet to a predetermined remote host. It also can capture screenshots of user activity, passwords or record
online chat conversations. Often downloaded inadvertently by users clicking on links in fraudulent emails,
keyloggers pose the most dangerous threat to user privacy.
Malware (or malicious software)
Software that is intentionally introduced into a computer system to cause harm or loss to the computer system or its
data, or be used as a platform to attack other computers. Malware can be unintentionally installed by clicking a
button on a pop-up window or visiting a malicious website. Malware can change system parameters, install additional
harmful software and may be difficult for you to remove from your system.
Patch
An update to computer software or a web browser that may fix bugs, add new features or close security holes. Most
software vendors release browser or operating system security patches regularly, so periodic maintenance is required
to ensure sound system security.
Pharming
A variation of phishing in which malicious code is installed on a personal computer or server, misdirecting users to
fraudulent websites without their knowledge or consent with the goal of capturing confidential information.
Phishing (or spoofing)
A type of scam with the intent of capturing personal information; usually a legitimate-looking email asking the user
to click a link to a legitimate-looking web page or call an 800 number, where the user is asked to provide
confidential information.
Shoulder surfing
The practice of peering at somebody's PIN or password to gain illegal access to their personal information.
Social Engineering
Tricking someone into revealing information that's useful to attackers, such as a password, via email, telephone
or face-to-face. Social engineers are merely con artists who use their powers of persuasion to get victims to act
against their own better judgment.
Spam
Unsolicited email, often commercial in nature, sent indiscriminately to multiple mailing lists, individuals or
newsgroups. The Can-Spam Act of 2003 requires spam messages to be labeled and requires an opt-out process. Spam is
usually blocked by anti-spam software, which must be regularly updated to be effective.
Spyware
Software that is generally used to monitor use of the computer in some way without the user’s knowledge or
consent. Spyware can potentially record keystrokes, browser history, passwords and other confidential and private
information and report these back to a third party using the Internet. Spyware can also deliver spam or advertising
without your notice and consent. Certain antivirus programs can detect and remove spyware.
Trojan Horse
Malicious programs hidden in game, video, music or other legitimate-looking files that are downloaded. Many antivirus
programs will detect and remove Trojan Horse programs, but must be regularly updated to be effective.
Vishing or “Voice Phishing”
Uses email and telephone or an automated answering service to trick you into providing personal information.
Worms
Programs with the ability to replicate themselves and spread from computer to computer via email or the Internet,
often shutting down entire networks. Similar to computer viruses.
Zero Day Virus
A previously unknown computer virus or other malware for which specific antivirus software signatures are not yet
available.
Return to the Security Center homepage for additional resources.