Blog

Cyber crime is rapidly evolving, as is the terminology used to describe it. This blog consists of commonly used terms thatyou might find online as cyber crime continues to boom.

Keeping on top of cybersecurity risks is a constant challenge. Threats including  phishing,  malware  and  ransomware  are continually evolving and adapting, as cyber criminals regularly find new, innovative ways to conduct malicious hacking campaigns.

Many companies are having difficulties keeping up with the technological world and threats that come with it, resulting in security holes in networks and vulnerabilities left unpatched.

These flaws are relatively simple elements of cybersecurity to manage, but many organizations are still struggling to navigate, but don’t worry, bva is here to save the day!

The way in which cybersecurity and cyber threats are evolving means there’s a risk that many businesses could be left behind.

Many businesses could be dangerously exposed as technology moves forward and cyber threats move forward with it.

Therefore, it’s very important to stay ahead of the curve, be educated on the best cyber security practices and common threats to better protect yourself and your business.

Commonly Used Terms That Relate To Cyber Crime:

Arbers 

In the world of online betting and gambling, arbitrage is a technique which sees fraudsters create multiple accounts to increase their winning odds. Those who use it are referred to as arbers.

Back Door

A way for criminals to bypass security systems to access the data they’re after. Contrasts with a front door attack, where a virus or attack is done with help from the user, for instance by downloading an infected email attachment.

Baiting

Leaving a device such as a USB flash drive unattended so it is picked up by an unsuspecting victim. It preys upon people’s natural curiosity, as the drive will contain viruses, keyloggers or other spyware.

Bitcoin

The most famous and popular cryptocurrency. While it is often referred to as anonymous, bitcoin (BTC) is actually pseudonymous, which means it is possible to track someone’s payments if you can tie a real life identity to a wallet. 

However, bitcoin is still the currency of choice on darknet marketplaces, and it can be “tumbled” to be made anonymous and untraceable.

Botnet

A botnet is a network of computers that have been infected with bots (viruses) for mass attacks. These botnets can try to infect more computers or spread spam for affiliate fraud, amongst other reasons. They can also act as a proxy to mask a criminal’s original IP address.

Browser

A program used to access the Internet. Commonly used browsers include Internet Explorer, Google Chrome, Edge and Mozilla Firefox.

Burner Phone 

The term originates from the drug dealing world, and is used for inexpensive mobile phones designed for temporary use. It allows fraudsters and criminals to link an account to a disposable phone number, for instance to bypass multi-factor authentication. 

These days, phone numbers can be generated via burner phone apps or services. These work like prepaid phone cards, only allowing you to use them for a limited amount of time before being recirculated. Since they go through your phone’s original cellular data, they are not untraceable.

Carding 

General fraudster term for using stolen credit card data. This is whether it’s used for direct purchases, or charging prepaid or gift store cards, which are then resold.

CC

What fraudsters call stolen credit card data. A full CC contains the original cardholder’s name and address, expiry date, and CCV. It becomes a Fullz when other personal data points are added to the package.

Catfishing

A form of social engineering where fraudsters and criminals create fake online identities to lure people into emotional or romantic relationships for personal or financial gain. 

Online seduction and blackmail are used to acquire personal information such as credit card numbers, social security numbers, or home addresses, amongst others.

Clickjacking

Targeting someone to click a link, either to install malware or for phishing purposes. Often done via funny, shocking or alluring videos that are shared on social media. 

Crypto

Short for cryptocurrencies. A digital asset that uses cryptography to secure financial transactions. It’s often referred to as “digital money”. While it has many consumer benefits (low transaction fee, fast, decentralized), it is also the main currency that fraudsters and criminals use to exchange products and services on the darkweb. 

Cryptomining

Cryptocurrencies require large amounts of computer power to be created, or “mined”. Some legitimate companies specialize in mass cryptomining through dedicated mining farms. 

Cyber criminals and fraudsters, however, like to deploy cryptomining viruses or bots on unsuspecting users’s computers, or even organization’s servers. This allows them to mine at scale, without spending extra money on equipment or resources like electricity.

Dark Web

A network of unindexed, encrypted websites, often dedicated to criminal activities. They are hosted on special domains, and you need special software to access them, such as the Freenet or TOR browser. While there are technical differences between Dark Web and Dark Net, the terms are used interchangeably these days.

Deep Fake

A technology that uses real video or audio from a person, and allows people to create synthetic versions of that person. 

Deep Web 

The entirety of the web that is not accessible by search engines. For instance, online banking pages, legal and government documents, or scientific reports have no reason to be indexed. The Dark Web is part of the Deep web.

Denial-of-Service (DoS ) Attack

A denial-of-service attack (DoS attack) happens when a perpetrator floods a service with requests so nobody else can access it. 

In a distributed-denial-of-service attack (DDoS attack) the incoming traffic flooding the victim comes from many different sources. This makes it impossible to stop the attack simply by blocking a single source.

Domain Name

A unique Internet identifier registered to an entity (e.g. bvainc.com)

Dumpster Diving 

The practice of rummaging through someone’s garbage bins to find personal information (account numbers, PINs, passwords). Fraudsters often combine digital attacks and real-life information gathering. This is why it is recommended to shred important documents before discarding them.

Drop Address 

The address where fraudsters sent good purchased illegally (for instance with a stolen card). Some will go as far as making an abandoned house look lived in (mowing the lawn, plugging in electricity generator) to use the post box for recovering their goods.

Accomplices in drop address scams are often unaware they are helping fraudsters. They are often recruited through online job offers. The fraudster pretends to be in a different country, and offers to pay the hired person to forward them the stolen goods.

Firewall

Firewalls monitor and control incoming and outgoing network traffic by creating a barrier between your private network and the public internet.

It’s a virtual structure, comprised of either hardware, software, or both, that can prevent the spread of your private data to hackers, scammers, and other criminals.

Fullz

The name fraudsters give to a package containing a person’s real name, address, and form of ID. It usually contains all the information needed to steal someone’s identity. 

Hacktivism

Derived from combining the words ‘Hack’ and ‘Activism’, hacktivism is the act of hacking, or breaking into a computer system, for politically or socially motivated purposes.

Keylogging

Installing a program that logs and shares every key pressed on someone’s device. They are used to gather sensitive information such as passwords and bank details.

Malware

Malware is a broad term for any type of malicious software designed to damage or exploit a device, service or network. 

Cyber criminals use malware to gain remote control over victims’ devices, spy on user activities, steal sensitive data they can leverage for financial gain, or use the infected device to attack others and disrupt operations. 

Network

A group of computers that are linked together to share data and other information. Network infrastructure can be a mix of hardware devices, software applications, and network services.

Operating System

The overarching software program that runs all the functions on a computer hardware, software resources, and provides common services for computer programs. 

Pharming

A cyber attack which redirects traffic from a website to another. The second website is usually a copy of the original, designed to gather personal information such as credit card numbers.

Phishing

The malicious act of stealing someone’s personal data through deceptive emails, phone calls, or other methods. These fraudulent communications usually appear to come from a legitimate trusted source.

Ransomware

Ransomware is a type of malware thatblocks access to a computer via encryption, so victims cannot access files, databases, or applications.

Then, a ransom is demanded to be paid, usually in the form of bitcoin or other crypto, for the victim to get the decryption key to gain access back, but this is not guaranteed.

Scareware

Malicious software, messages or threats designed to scare people into installing malware and software. A website popup that claims your “computer may be infected with harmful spyware” will send you to a download link for a real malware program.

Social Engineering

Psychological manipulation done through human interaction that gets people to reveal personal information for fraudulent purposes. It can happen in one or multiple steps, and can range from the basic to the complex, where attackers impersonate co-workers or officials. 

Spear Phishing

Format via emails that target a specific organisation, or specific people within an organisation. Spear-phishing usually involves some form of social engineering to gain the confidence of intended victims. 

Unlike phishing, spear-phishing emails are addressed to deliberately chosen recipients rather than sent out randomly.

Trojan

On the surface, a legitimate computer programme. However, it also adds malicious software when it is installed. 

Tumbler

A service that moves cryptocurrencies from one digital wallet to another to make it harder to trace back the funds back to the original owner. This is essentially digital money laundering, usually performed for a fee for cryptocurrencies like Bitcoin.

Vishing

Voice phishing done via phone calls. Callers will impersonate IT engineers, bank managers, and even company executives, whose voices are synthetically recreated via deepfake technology.