An attempt to obtain or decrypt a user's password for illegal use. Hackers can use cracking programs, dictionary attacks, and password sniffers in password attacks. Defense against password attacks is rather limited but usually consists of a password policy including a minimum length, unrecognizable words, and frequent changes.
|Password stealer (PWS)||
Malware specifically used to transmit personal information, such as usernames and passwords.
The cargo code in a virus rather than the portions used to avoid detection or replicate. The payload code can display text or graphics on the screen, or it may corrupt or erase data. Not all viruses contain a deliberate payload. However, these codes affect CPU usage, hard disk space, and the time it takes to clean viruses. Payload can also refer to the data or packets sent during an attack.
|Peer-to-peer (P2P) networking||
A distributed system of file sharing in which any computer on the network can see any other computer on the network. Users can access each others' hard drives to download files. This type of file sharing is valuable, but it brings up copyright issues for music, movies, and other shared-media files. Users are also vulnerable to viruses, Trojans, and spyware hiding in files.
|Personally identifiable information (PII)||
Any information that, by itself or when combined with other information, can identify an individual.
A form of criminal activity using social engineering techniques through email or instant messaging. Phishers attempt to fraudulently acquire other people's personal information, such as passwords and credit card details, by masquerading as a trustworthy person or business in an apparently official electronic communication. Typically, phishing emails request that recipients click on the link in the email to verify or update contact details or credit card information. Like spam, phishing emails are sent to a large number of email addresses, with the expectation that someone will act on the information in the email and disclose their personal information. Phishing can also happen via text messaging or phone.
The practice of gaining unauthorized access to a system by exploiting an authorized user's legitimate connection without their explicit permission or knowledge.
|Potentially unwanted program (PUP)||
Often legitimate software (nonmalware) that may alter the security state or the privacy of the system on which they are installed. This software can, but not necessarily, include spyware, adware, keyloggers, password crackers, hacker tools, and dialer applications and could be downloaded in conjunction with a program that the user wants.