Internet Glossary of Terms

A

Adware: Also known as Spyware. Any software that covertly gathers user information through the user's Internet connection without their knowledge, usually for advertising purposes. Spyware applications are typically bundled as a hidden component of freeware or shareware programs which can be downloaded from the Internet. Once installed, the Spyware monitors user activity on the Internet and transmits that information in the background to someone else. Spyware can also gather information about email addresses, usernames, passwords and credit card numbers.

Anti-virus software: Consists of computer programs which attempt to identify, thwart and eliminate computer viruses and other malicious software (malware). Anti-virus software is only as effective as the last update. You should download the latest anti-virus software and signatures regularly from your preferred supplier.

B

BOQ Security Token: A hardware device that generates a random number as a secondary form of authentication for some Value Transactions carried out through Internet Banking. Also known as a Token.

Browser hijacker: A program which takes over the user's control of a web browser.

C

Cookie: Information which a website places on your hard drive so that it can remember something about you at a later date. Typically, a cookie records your preferences when using a particular site. Most browsers automatically accept cookies. You can set your browser options so that you will not receive cookies. You can also delete existing cookies from your browser. However, you may find that some sections of some websites will not function correctly if you refuse cookies.

Customer Access Number (CAN): The unique number allocated to a Customer by us which identifies the Customer and Nominated Accounts to us and, when used in conjunction with a Personal Access Code and User ID (if any), enables Users to access Internet Banking or EasyPhone Banking. Also known as a CAN.

D

Denial of Service Attack (DoS): A simple form of DoS attack involves sending large volumes of data to a single server, thereby making it unstable or even crashing it.

Dialers: Software which causes the computer to use the modem to dial phone numbers. Often used to run up high phone bills or transmit data collected by keyloggers or trojans.

DNS: Short for Domain Name System (or Service), an Internet service which translates domain names into IP addresses. We use domain names as they are alphabetic and therefore easier to remember. The Internet is based on IP addresses, so every time you use a domain name a DNS service must translate the name into the corresponding IP address.

E

Encryption: The conversion of data into a form, called a ciphertext, that cannot be easily understood by unauthorized people. Decryption is the process of converting encrypted data back into its original form so it can be understood.

F

Firewall: A piece of software or hardware which provides a barrier between your computer and the Internet. A firewall will prevent intruders or hackers from gaining access to your computer and should be updated regularly. Firewall software is only as effective as the last update. You should download the latest firewall signatures regularly from your preferred supplier.

H

Hacker: A person who uses a computer to break into other computer systems in order to steal, change or destroy information. To protect yourself from hackers you should install firewall software on your computer and keep it up to date.

HTTP: Hyper Text Transfer Protocol is the world wide web protocol which performs the request and retrieve functions of a server. Commonly seen as the first part of a website address.

I

Identity theft: When someone else steals your personal information without your knowledge. They may then use your details to commit fraud.

IP Address: A unique number given to an individual machine, account or user for the purpose of identifying them on a TCP/IP network.

K

Keylogger program: A virus which can record the keys pressed on your keyboard while your computer is being used.

M

Malware: An abbreviation of 'malicious software', malware refers to viruses, trojans, spyware, keyloggers, dialers and browser hijackers.

Man-in-the-middle: An attack in which an attacker is able to read, insert and modify messages between two parties at will, without either party knowing that the link between them has been compromised. The attacker must be able to observe and intercept messages going between the two victims.

P

Patches: Software updates issued by software manufacturers when security vulnerabilities or bugs are found in their software. Patches are designed to fix vulnerabilities and you can download them via the Internet. It’s recommended that you keep your computer safe by regularly applying any security patches.

Personal Access Code (PAC): The security password which, when used in conjunction with a Customer Access Number, enables Users to access EasyPhone Banking or Internet Banking. Also known as a PAC.

Pharming: The exploitation of a vulnerability in the DNS server software which allows a hacker to acquire the Domain Name for a site, and to redirect traffic intended for that website to another website. DNS Servers are the machines responsible for resolving internet names into their real addresses, the "signposts" of the internet. If the website receiving the traffic is a fake website, such as a copy of a bank's website, it can be used to "phish" or steal a computer user's passwords, PIN number or account number.

Phishing: Usually beginning with an email appearing to come from your bank, it leads the recipient to a convincing website, at which point the user is tricked into entering their username and password. The website has been set up by the attacker and does not belong to the bank at all. Once obtained, the details are used by the attacker to log in to the user’s account and transfer the funds out. New variations occur almost daily, and use a wide variety of techniques to deceive users into thinking that the bogus email or website is genuine.

Port: A connection type used by Internet software. For example, port 80 is usually used for web browsing, port 25 for sending email and port 110 for downloading email.

Port scanning: A hacking technique that attempts to connect to every possible port on your computer.

S

Secure Sockets Layer (SSL): A method of coding which enables private communication between a web browser and a web server (used mostly in commerce related servers). Many websites use SSL to ensure customer information is kept secure. You can tell if you’re accessing a secure website by checking the address bar along the top of your screen to ensure the address begins with ‘https’ rather than ‘http’. A number of browsers will display a closed padlock at the foot of the browser - this padlock indicates you are in a secure session.

Shoulder surfing: The activity of anyone observing what you are doing on a computer or ATM. They may stand or sit closely behind you to watch you when you input personal details.

Site certificates: Provide reassurance that the site being visited is genuine. A site certificate is required in the web browser and on the web server in order that a secure session can be started and communication can take place. To check the site certificate on a secure website, double-click the padlock symbol at the bottom right of your browser window to display site certificate information.

Spam: Unwanted and unsolicited email. The electronic equivalent of paper junk mail.

Spyware: Any software which covertly gathers user information through the user's Internet connection without his or her knowledge, usually for advertising purposes. Spyware applications are typically bundled as a hidden component of freeware or shareware programs which can be downloaded from the Internet. Once installed, the spyware monitors user activity on the Internet and transmits that information in the background to someone else. Spyware can also gather information about email addresses and even passwords and credit card numbers. Also known as adware.

Stealth mode: A firewall is said to be in stealth mode if it doesn't actively respond to connections on a particular port, even if that port is operational.

T

TCP/IP: Transmission Control Protocol/Internet Protocol refers to the suite of communications protocols used to connect computer systems on the Internet.

Token: A hardware device that generates a random number as a secondary form of authentication for some Value Transactions carried out through Internet Banking. Also known as a BOQ Security Token.

Trojan: Programs (often malicious) which install themselves or run secretly on a victim's machine. They do not install or run automatically, but may entice users into installing or executing by masquerading as another program altogether (such as a game or a patch).

U

URL: Uniform Resource Locator, which specifies the location of something on the Internet, e.g. "http://www.boq.com.au" is the URL for the Bank of Queensland corporate website.

V

Virus: A computer program usually hidden in an existing program. Once the existing program is executed, the virus program is activated and can attach itself to other programs or files. Viruses can range from benign activities such as attaching a harmless message to performing malicious activities such as destroying all the data on a computer hard drive. Viruses are commonly distributed as e-mail attachments which activate when the attachment is opened.

W

Worm: A software program capable of reproducing itself and spreading from one computer to another. Worms take advantage of automatic file sending and receiving features found on many computers. Note: A virus requires human intervention to transport to other devices – Worms do not.