Glossary of Security Terms

For our Online Banking Glossary, click here.

  • Adware:  As customers use certain software, adware provides advertising to offset software development costs. Don’t confuse adware with spyware and malware, which have potentially malicious effects.
  • Anti-virus software: Usually included with most computer systems, it detects, repairs, cleans, or removes virus-infected files. Some anti-virus products also detect and remove spyware, malware, Trojan Horses and other malicious software from your computer. Anti-virus software must be regularly updated for the most effective protection.
  • Dual Control: A security function that reduces the likelihood of fraudulent activity against your business banking account by requiring that two separate users submit to the bank all Automated Clearing House (ACH) originations for processing. Dual control makes it harder for criminals to use keystroke tracking programs to intercept your user name and password and gain access to your account.
  • Firewall: Can limit unauthorized access to your home or work computer. It is a software or hardware device that limits access to a website, network or computer. Inexpensive personal firewalls for home or business use are recommended.
  • Keylogger: The most dangerous threat to user privacy -- a computer program that logs each keystroke a user types on a keyboard, saves this data into a file, or transfers it via the Internet to a pre-determined remote host. It also can capture screenshots of user activity, login passwords, record online chat conversations or take different actions in order to find out what a user is doing. Often downloaded inadvertently by users clicking on links in fraudulent emails.
  • Malware: Typically installed without your knowledge by clicking a button on a pop-up window or visiting a malicious website. Malware (malicious software) is intentionally introduced into a computer system to cause harm or loss to the computer system or its data, or to create a platform to attack other computers. It can change system parameters, install additional harmful software and may be difficult for you to remove from your system. 
  • Patch: An update to computer software or a web browser. Can fix bugs, add new features or close computer security holes. Software vendors regularly release browser or operating system security patches. To ensure your system’s security, undertake periodic system maintenance.
  • Pharming: A variation of phishing (see below) in which malicious code is installed on a personal computer or server, misdirecting users to fraudulent websites without their knowledge or consent. Once on the fraudulent site, the user will be asked to submit confidential information and the attackers will capture this information for illegal use.
  • Phishing (or Spoofing): The practice of sending emails at random that pretend to come from a genuine company operating on the Internet. Phishing (as in fishing for confidential information) emails are an attempt to trick consumers into disclosing personal information at a false websites which may later be used to commit fraud and/or identity theft. Also referred to as “spoofing.” A variant of phishing instructs the user to call a toll-free number to verify account information instead of visiting a website.
  • Shoulder surfing:  Just like it sounds, the practice of peering over your shoulder to see your PIN or password to gain illegal access to your personal information.
  • Smishing: A combination of “SMS,” for short message service (text messaging), and “phishing.” Smishing is the latest twist on the “phishing” scam, but uses a text message instead of email.  The text message tells you to call a toll-free number, which is answered by a bogus interactive voice-response system that tries to fool you into providing your account number and password.
  • Social Engineering: Tricking someone into revealing information that's useful to attackers, such as a password, via email, telephone or face-to-face.  Social engineers can be skilled con artists who use their persuasive powers so that victims act against their own better judgment. In most successful cyber-attacks, the human factor is the weak link.
  • Spam:  Electronic junk mail -- unsolicited, often commercial email sent indiscriminately to multiple mailing lists, individuals, or newsgroups. The Can-Spam Act of 2003 requires spam messages to be labeled and requires an opt-out process. Spam is usually blocked by anti-spam software, but only regular updates will maintain this software’s effectiveness.
  • Spyware:  Software that may appear as adware, but is generally used to monitor computer use in some way without the user’s knowledge or consent. It is possible for spyware to record keystrokes, browser history, passwords, and other confidential and private information and report these back to a third party using the Internet. Spyware can also deliver spam or advertising without your notice and consent. Certain anti-virus programs can detect and remove spyware.
  • Trojan Horse programs:  Can be hidden in games, videos, music files or programs downloaded from the Internet or e-mail. Remote Access Trojans (RATS) will also install a malicious program on the target's computer. Many anti-virus programs will detect and remove Trojan Horse programs, but must be regularly updated to be effective.
  • Vishing:  Also known as “voice phishing.” Vishing uses the either a combination of email and telephone or an automated answering service to trick you into providing your personal information.
  • Worms:  Programs that can replicate themselves and spread from computer to computer via email or the Internet, often shutting down entire networks. Similar to computer viruses.