Valley National Bancorp

21/11/2024 | Press release | Distributed by Public on 21/11/2024 16:45

From Phishing to Scamming: The A-Z Guide on Cybersecurity

  1. Personal
  2. Insights Center
  3. Security and Fraud
  4. From Phishing to Scamming: The A-Z Guide on Cybersecurity
FraudNov 21, 20247 minutes

From Phishing to Scamming: The A-Z Guide on Cybersecurity

Discover essential cybersecurity terms and tactics in this comprehensive guide.
Financial Literacy
On this page
  1. Importance of understanding cybersecurity terms
  2. Two-Factor Authentication (2FA)
  3. Advanced Persistent Threats (APT)
  4. Phishing and Spearphishing
  5. Ransomware

Essential Cybersecurity Terms Every Business Needs to Know

The world of cybersecurity is filled with terms and tactics that may be hard to keep up with-or to even understand in the first place. Unfortunately, business owners and their employees can't afford blind spots when it comes to keeping their network safe. This article offers a comprehensive guide on cybersecurity terms everyone needs to know, as well as how these scams work and how to avoid them.

Key Cybersecurity Terms You Need to Know

The world of cybersecurity is vast and terminology comes to the fore frequently. That said, there are several core terms that remain relevant even as tactics change. This section will include the A-Z terms constituting the bulk of the article.

2FA

Two-factor authentication-known as 2FA for short-is a security measure that adds a layer of authentication to the login process. 2FA usually takes the form of both a password as well as a one-time code sent to an email address or generated from an authentication app.

Advanced Persistent Threats (APT)

APTs are slow and persistent attacks that infiltrate a network and remain inactive until the ideal moment to steal information, shut down systems, or infect systems with ransomware.

Breach

A security breach occurs when someone without their own credentials is able to access one or more parts of your computer system or network. Security breaches can from anywhere, such as a stolen or cracked password or software vulnerabilities.

Cloud computing

Cloud computing can take a variety of forms. For most businesses, this means moving its technology tools (e.g. email, spreadsheets, databases) off-site to a third-party destination. These destinations are large servers operated by businesses with robust cybersecurity tools, often much stronger than what an individual business could afford to build and implement.

Data theft

The unlawful transfer and collection of a business' confidential, proprietary, or financial information. Data theft can consist of email passwords, institutional logins, customer information, employee data, or any other information that third-parties should not have access to.

Encryption

How information is converted into secret code that obscures the data within. Encryption breaks apart the data in a file so it's unreadable unless you have the right encryption key, which then rearranges data into the right sequence.

Firewall

A firewall blocks certain Internet Protocol (IP) addresses from accessing a computer or computer network. A firewall prevents employees and outsiders from accessing compromised websites, or from inbound requests from disreputable addresses.

Encryption

How information is converted into secret code that obscures the data within. Encryption breaks apart the data in a file so it's unreadable unless you have the right encryption key, which then rearranges data into the right sequence.

Firewall

A firewall blocks certain Internet Protocol (IP) addresses from accessing a computer or computer network. A firewall prevents employees and outsiders from accessing compromised websites, or from inbound requests from disreputable addresses.

Gateway

Hardware or software that connects two networks for data sharing. Email communications use a gateway to pass messages back and forth, for example. Compromised gateways can lead to security breaches.

Hacking

Accessing a computer or network without authorization. Hackers probe software or networks for vulnerabilities that can give them access to data not meant to be distributed.

IP Address

An IP address is a code assigned to every computer that accesses the internet. Websites also have IP addresses, although most use web addresses instead.

Javascript

A programming language designed to let you generate and modify website content. One of the most common languages in use today, there are several vulnerabilities, such as malicious code and Cross-Site Scripting (XSS).

Keylogging

Keylogging software (or hardware, in some cases) tracks a user's keyboard entries, which can result in data loss and further cyber attacks for a business.

Likejacking

Shares of salacious or compelling social media posts that trick users into clicking on links, sharing videos, or liking content that's fraudulent.

Malware

A portmanteau of "malicious software," is an umbrella term for software and apps that, once installed, can result in data or information theft. Malware can also shut down (or even destroy) networks and computers, or hold logins for ransom (known as ransomware).

Network Behavior Analysis (NBA)

NBA helps keep networks secure through the analysis of user behavior. These tactics help uncover unusual or unsafe behavior by bad actors.

Open Source

Code that's developed openly, with its contents available for all to see. Open Source code is released under licenses that allow people to use or modify the software.

Phishing

Phishing refers to tactics that use email in order to deceive recipients into giving up sensitive information. Phishers will often replicate emails from trusted senders, only to manipulate links or communications to have users submit data unwittingly.

Qualitative Risk Analysis

A way to evaluate risks to your computer system or network that assigns priorities to the level of risk something poses. Tiers are usually low, medium, or high.

Ransomware

Ransomware is a form of malicious software that, once installed, can render a user's computer or login useless unless they pay a ransom to a hacker or hacking group.

Scamming

Scamming attempts are similar to phishing attacks: a cyber criminal pretends to be an individual or institution they are not. Scammers may also email you about a financial transaction or say you've won a prize in order to get sensitive information from you.

Spearphishing

Spearphishing is a more concerted, direct effort to pry one or more people for valuable information. Criminals identify a person within an organization with access to sensitive information, only to pose as an important person (e.g. a manager or c-suite executive) in order to get the recipient to share data.

Spoofing

Cyber criminals can impersonate a person within an organization via email, only for the recipient to send over sensitive materials under the assumption that the sender is who they say they are. Email spoofing preys on the victim not scrutinizing a message thoroughly enough before reacting.

Spyware

Spyware is a category of malware designed to snoop on the user's mobile device or computer. These tools can extract valuable information-sometimes by controlling the device remotely once hackers have access.

Threat Monitoring

Active efforts to anticipate and find threats to your network. May include antivirus, firewall, or 24/7 monitoring components, particularly for business applications.

URL

Another term for web address, URLs can often be spoofed either by intentional misspellings, fraudulent domain addresses (e.g. .co instead of .com), or characters that look similar to regular letters.

Virtual Private Network (VPN)

A VPN connects your computer to another server to transfer information. A business might use a VPN to give users access to its servers, whereas an individual might use a VPN to obscure their web traffic as an extra layer of protection.

Workstation

Employee desks, desktops, and laptops. It's advised that employees lock their computers when away from their workstation to prevent unauthorized users from accessing documents. Workstations should not have passwords written down anywhere near them, as this poses a security threat as well.

.XLS(X)

Excel document files. Excel files can contain malicious code that enables cybercriminals to obtain access to a computer or network.

Yo-Yo Attacks

A vulnerability in which attackers overwhelm a cloud platform with bogus traffic, thus blocking the service of legitimate users. It is a variant of the Distributed Denial of Sustainability (DDoS) attacks, which intentionally disrupts website functionality.

Zero-day exploit

A Zero-day exploit is a software vulnerability that a software developer is unaware of. Developers then need to fix the issue as quickly as possible as it is able to spread until dealt with.

Knowing the ABCs of cybersecurity

These are just a few of the top cybersecurity terms you will want to know in order to stay safe online. The more you know about cybersecurity, the better prepared you are to keep you and your business network guarded against attack.

Mentioned in this Article

Did something mentioned in this article catch your eye? Learn more about the Valley accounts mentioned in this article or apply today!

Valley Customer Care

At Valley, we prioritize your needs. Our dedicated customer care team is here to assist you with any questions or concerns. Discover our commitment to providing exceptional service and support for all your banking needs

Get relevant insights directly in your inbox

Provide us your email and we will send you the latest updates!

Email Address
What kind of financial resources do you want to receive?
Select NewsletterManaging your moneyOwning a homeBusiness and Commercial
Subscribe
Fraud Insights

Topics that matter to you

We aim to improve quality of life and bring economic empowerment and change to our communities

Fraud

From Phishing to Scamming: The A-Z Guide on Cybersecurity

Discover essential cybersecurity terms and tactics in this comprehensive guide.
7 minutes
Fraud

5 tips to keep your financial information secure

To protect your financial information online, follow these steps
4 minutes
Fraud

Tips to Help Protect Yourself and Your Finances from Fraud

Learn about common scams, warning signs, and effective prevention methods to stay safe and secure
6 minutes
Fraud

Education Scams: How to Spot and Avoid Them

Discover common tactics used by scammers, warning signs to watch out for, and practical tips to protect yourself and your finances. Stay informed and safeguard your educational journey.
4 minutes