A program designed to detect, prevent, and remove malware from your devices. It actively scans files, emails, and internet traffic for known threats and suspicious behavior. Example: Your antivirus software might block a malicious file from downloading or quarantine a virus it finds on your hard drive.
A social engineering technique that tempts a victim with a false promise to trick them into compromising their security. Example: An attacker leaves a USB drive labeled "Company Salaries 2025" in an office lobby. An employee who plugs it into their computer unknowingly installs malware.
A network of hijacked computers, connected via the internet, that are used to perform tasks without the owners' knowledge. These "bots" are often used to launch large-scale DDoS attacks or send spam.
An attack that uses a botnet to overwhelm a website or online service with an enormous amount of traffic from many different sources, causing it to crash or become unavailable for legitimate users.
The process of scrambling data into an unreadable code that can only be deciphered with a specific "key." It protects sensitive information from being read by unauthorized parties. Example: When you see "HTTPS" and a lock icon in your browser, it means your connection to that website is encrypted.
Short for "malicious software," this is a broad term for any software created to harm or exploit a computer system. It includes ransomware, spyware, Trojans, and viruses.
An attack where a cybercriminal secretly intercepts communications between two people or a person and a web service. Example: On an unsecured public Wi-Fi network, an attacker could position themselves between you and the coffee shop's router to capture all the data you send, including passwords.
A crucial security layer that requires more than just a password to log in. It requires at least two "factors," typically something you know (your password) and something you have (a code from your phone app).
A secure application that generates and stores long, unique, and complex passwords for all your online accounts. It allows you to have excellent password security by only needing to remember one single master password.
A social engineering attack where a scammer sends a fraudulent message designed to impersonate a legitimate organization. Example: An email that looks like it's from your bank warns that your account is locked and tells you to click a link to verify your identity. The link leads to a fake website that steals your login details.
A social engineering technique where an attacker creates an elaborate fabricated scenario (a pretext) to gain a victim's trust and manipulate them into providing information. Example: Someone calls you claiming to be from your IT department and says they need your password to perform a "critical security update" on your account.
A type of malware that encrypts a victim's files, making them inaccessible. The attacker then demands a ransom payment, often in cryptocurrency, in exchange for the decryption key. Regularly backing up your data is the best defense.
The art of psychologically manipulating people to exploit human error and gain access to information or systems. It relies on trust, fear, and curiosity rather than technical hacking.
Malware that secretly monitors and records a user's activity without their knowledge. It can capture keystrokes (keylogging), screenshots, and other confidential information.
Malware disguised as a legitimate program. Like the mythical Trojan Horse, it appears harmless but contains a malicious payload that activates after it's been brought inside the system's defenses (i.e., downloaded and run).
A service that creates a secure, encrypted "tunnel" for your internet traffic. It hides your IP address and protects your online activity from being monitored, especially on public Wi-Fi.
Welcome to CyberSafe