Skip to main content

Decoded: Cybercrime jargon explained

September 22, 2021

Can’t tell your malware from malarkey? Do you think phishing is something you do with your mates on the weekend? If you’re sick of just smiling and nodding politely when the subject turns to cybercrime, you’re in luck – we’ve broken down the meanings of the most common cybercrime terms here.

Account harvesting: Collecting email accounts that are in the public domain or using software to collect email addresses that are stored on a computer. These accounts are often used later for spamming. 

Attack surface: The sum of the different points in a system that an attacker could potentially breach. Your attack surface is essentially your digital footprint, and the larger it is, the more chances there are that an attacker could find exploitable vulnerabilities in it. 

Back door: A means to access a system that bypasses the normal security measures. Back doors are sometimes created deliberately by developers as a troubleshooting tool, and sometimes installed as part of a cyber attack by criminals who return to exploit it later.

Black hat: A person who hacks into a computer system with malicious intent. Bad guys. 

Browser hijacking: Software that can modify a user’s browser settings without their knowledge or consent, often to inject unwanted content or advertising. 

Brute force: A process of attempting to crack a cryptographic key or password by systematically trying every possible combination until you find the right one. 

Business email compromise: When criminals use email fraud to target business, government and non-profit organisations. This can include impersonating businesses by using similar names and domains, or even impersonating specific co-workers by compromising their email accounts. From here, the criminal can raise false invoices or change banking details so that money is sent to their account, among other scams.

BYOD (Bring Your Own Device): An IT policy that allows employees to access a business’ systems and data using their own personal tablets, computers and phones, broadening that business’ attack surface. 

Countermeasure: Techniques, actions and procedures to minimise the threat of a cyberattack by using cyber security and other measures. 

Cryptographic key: A string of seemingly random characters that, when processed through a  cryptographic algorithm, can encrypt data to make it unreadable ciphertext, or decrypt it to make it plaintext. Just like a physical key, it’s used to ensure that only the people in possession of it can lock and unlock data. 

Dark web: The dark web contains websites that aren’t indexed by search engines, and are only accessible through specialised browsers and software. The dark web can be used for highly illegal activity, including extoring ransomware payments, by users who wish to remain anonymous. 

Data at rest: Data that’s stored in any digital form on a computer. 

Data in transit: Data that’s moving between locations, either through the internet or a private network. 

Denial-of-service (DoS) attack: A DoS attack crashes a user’s system or network, making it completely unusable. This is usually done by overloading the system with requests. 

Double extortion: A similar process to ransomware (see below), but the hacker will also threaten to publish the data publicly if the ransom is not paid. 

Encryption: The conversion of readable plaintext data into unreadable cyphertext. A strong security measure against cyber attacks, it makes data virtually useless to anyone who accesses it without the cryptographic key required to unlock it.  

Firewall: A computer security system that filters incoming and outgoing network traffic based on certain security rules. Firewalls are intended to prevent unauthorised users from accessing the network, although there are ways for attackers to bypass them.  

Grey hat: A hacker who uncovers security flaws using illegal or unethical means, usually without the owner of the system’s knowledge or consent. However, they don’t have the malicious intent of a ‘black hat’ hacker. Morally ambiguous guys. 

Incident Response Plan: A set of instructions on how to deal with a cyber security issue including preparation, detection, response and recovery. 

Keystroke logger: Software that covertly records and captures the keystrokes on a computer without the knowledge of the user. This can be used to collect confidential information, including banking logins and other sensitive passwords. 

Malvertising: Short for ‘malicious advertising’, it’s the injection of malicious software that can be used to gain unauthorised access to systems into legitimate advertising networks and pages. 

Malware: Short for ‘malicious software’, it’s any harmful computer program that can be used by hackers to gain unauthorised access to sensitive data in a server, computer or network. Worms, viruses, trojans and spyware are all classic examples of malware. 

Multi-factor authentication: An electronic authentication method that requires two or more pieces of proof to access a website or application. 

Phishing: Sending untargeted mass emails, social media and text messages to a large volume of people in an attempt to gain sensitive information, such as banking details and log-in credentials. 

Piggyback: Using a wireless internet connection that belongs to someone else without their knowledge or permission. 

Ransomware: Malicious software designed to encrypt files or restrict access to systems, rendering them unusable until a ransom payment is made. 

Social engineering: Psychological manipulation tactics used to get people to divulge confidential information or perform certain actions. Much of what people think of as ‘hacking’ is really just old-fashioned social engineering.  

Spoofing: Not as funny as it sounds, this is the act of disguising communication from a malicious source to impersonate a legitimate, trusted source. This can apply to emails, websites, text messages and phone calls. 

Spyware: Malware designed to gather data about you via surveilling your device, without your consent. This data is often forwarded to a third party who can use it for nefarious means. 

Trojan: Malware that’s disguised as legitimate software in order to gain access into a computer or network. You’ve heard of a Trojan horse, right? It’s that, but with software. 

White hat: A non-malicious user who ‘hacks’ into a computer or network to expose security flaws or evaluate security systems with the owner’s consent, so they can find their vulnerabilities. Good guys.  

Worm: Every bit as slimy as it sounds, this is malware that can self-replicate and copy itself across a network, without the need for host software or human intervention. 

Want to learn more? Visit for more cybersecurity explainers.