Terms related to electronic banking security-

ABC  |  DEF  |  GHI  |  JKL  |  MNO  |  PQR  |  STV  |  WXYZ

A

Adware:

An adware program is the one that spreads advertising through banners, pop-ups, etc. while running. This advertising subsidizes the application. Sometimes, this program includes a tracking code that collects information about your browsing habits, working as spy programs or spyware. This has generated some controversy because, in some cases, it is transferred to third parties without user consent.

Antivirus / Antimalware

Programs used to prevent detect possible virus infections or any type of malicious programs, and repair the damage they have caused.

B

Backdoor

In computer security, a backdoor refers to deficiencies in the security of an application or system that allows third parties to enter in violation of system security, usually for illegal purposes. For example, if a computer connected to a secure network is also connected to an unsecured wireless network, it could make this an insecure connection a backdoor to the secure network.

Up

C

Certificate:
Digital document issued by an independent body that guarantees systems and people identity in Internet. The security certificate is protected by cryptographic techniques.

Cookie:
Information that, sent by a web server to the browser, is subsequently returned for each new connection. Can be used with legitimate intentions, such as user identification, or malevolently, such as non-consensual storage of navigation patterns.

Chain email:

These are emails which request that the message is forwarded to other people so that they in turn forward it. It is one of the possible sources of problems with email, since may contain false information, carry viruses, etc.

Content filtering:

Set of technologies that allow control of the information transmitted over Internet services. Content filtering is used to block viruses sent by email, to control Internet access for minors, etc.

Cracker

Crackers are people who use existing tools to compromise system, computer or network security to steal, defraud or cause damage.

Crime ware

The concept crime ware includes all those computer programs designed for economic gain by committing all types of online crime. Phishing, spam, adware, among others are considered crime ware.

Cryptography:
Discipline which is responsible for the secure transmission and storage of information.

D

DNS Poisoning:

Use virus types which upon user entering online branch site address, it automatically forwards it to false site where they get access to confidential user data.

E

Electronic signature:

Digital information associated with a particular operation made on the Internet, which along with certificates guarantees participant identity in a transaction.

Encryption:
Encoding data using various mathematical techniques guaranteeing confidentiality in the transmission.

Exploit

Program that uses the security weaknesses of another system to attack and disrupt its functioning, defraud or harm a system, computer or network.

Up

F

Firewall:
Security system that controls access between networks or computers, defining who and what services or systems can connect. Denying connections to unauthorized users and allowing them to connect only to services or systems strictly allowed.

Up

H

Hacker:

Person with very specialized knowledge seeking vulnerabilities in systems, computers or networks and how they can manage to exploit them, violating existing security controls to cause damage, disrupt a system, steal information or execute a fraud.

Hoax

Email with false information on the occurrence of new viruses, attacks, risks, urban legends and other totally false topics that cause fear and ask the recipient to forward the message to all his contacts; thus it manages to capture email addresses of users to whom  messages containing viruses, spam, phishing will be later sent.

I

Intrusion:
Computer intrusion where attacker gains complete control over machines. During intrusion the attacker can obtain and alter machine data, and modify operation and even attack other machines. 

Up

K

Key logger:

Program or device that records combinations of keystrokes pressed by users and stores them to obtain confidential information, like passwords, email message content, etc. The key logger can be a system that is distributed as viruses or a device that connects between keyboard and computer, used frequently in public computers such as Internet cafes.

M

Malware

The Malware (acronym in English of: "Malicious Software") includes all "malicious" programs (Trojans, viruses, worms, etc.) that seek to obtain certain benefit, causing some kind of damage to computer system or user.

P

Password:
Set of letters, numbers and symbols, or phrases used to authenticate users in a computer system. For effective password use it must be difficult for an attacker to guess.

Personal Firewall:

Firewall installed as a program on a machine that strictly controls the accesses to it. Often used in home computers with direct Internet connection.

Pharming:
"Pharming" is the term used to re-direct the name of a website, regularly visited by the user, to a web page identical to the original, which has been created to obtain confidential user information, such as passwords, banking details, etc. It works similar to a virus, and it is of high risk because user types real site address but is redirected to a fake one, being easily deceived.

Phishing:
Fraud traditionally committed through the Internet, which aims to get users´ confidential data such as passwords or access keys to banking accounts. To achieve this information mass mails are sent to email addresses, which claim to be from trusted entities. The message prompts user to provide his personal data, passwords, etc. for "security reasons" or to "confirm your account". Sometimes this type of data is requested in the same message, or prompts the user to access the website of the entity, which is an identical copy of the original, where he should complete the information. Currently, numerous versions of this crime have been emerging, which use other means to achieve same objectives. An example of the new phishing is

Proxy:
Computer system whose mission is to interface between one system and another through the Internet. Among the missions of a proxy, we found it accelerates Internet access, filters accessed content and protects the systems by preventing direct communication.

Up

S

Security devices:

BCR offers the following and only security devices to make us of its virtual/online branch Bancobcr.com:  Dynamic Key printed card or virtual and Digital Certificate.

Service denial:

Computer notice that without affecting information contained in a system leaves it unable to serve. Denial can be achieved by machine saturating or blocking.

SMiShing

It is a variant of phishing, which uses messages to mobile phones, rather than email, to attack. The remaining procedure is similar to phishing: the scammer impersonates the identity of a trust entity to request user to provide his data via another SMS or accessing a fake website identical to that of the entity in question.

Social Engineering:

Techniques that attempt to attack the security of computer systems by tricking users and administrators. Most social engineering techniques are similar to scams.

Spam:
Unsolicited commercial email that is sent over the Internet. The volume and content of SPAM can significantly hinder use of email services.

Spear Phishing

Type of phishing in which, instead of doing a mass e-mailing, the email is sent with a greater degree of customization to specific recipients, getting more credible messages than those of traditional phishing.

Spyware or Spy Program:

It is a type of program aimed at collecting system user information in which it is installed. The data collected is often related to the user´s browsing habits and used for advertising purposes. Although the installation of spyware can be done with the consent of the user, in many cases, it is installed without authorization, when installing another program supposedly harmless, or by a virus or Trojan, distributed by email.

T

Tap Napping:

Type of phishing attack that exploits the multiple tabs that the user opens in the browser. The tap napping process exploits the fact that the Internet users are convinced that pages open in tabs remained unchanged when accessing other Internet services.

Trojan:
Executable program that appears to perform  certain task to deceive the user, to perform actions such us controlling the computer, stealing confidential data, deleting data, downloading other malware, etc. The main difference between Trojans and viruses is that Trojans cannot replicate themselves.

V

Virus:
Computer code that replicates itself and spreads from computer to computer through programs or files to which it attaches. For infection to occur, human intervention is required, that is, user must perform some action such as sending an email or open a file. Viruses can produce all kinds of damage to the equipment itself as well as information and programs in equipment.

Vishing

Fraud pursuing the same goal as Phishing: obtaining users confidential data, but instead of using email or text messaging as SMShing, uses phone calls, trying to trick users into giving confidential information such as card numbers, PINS, keys and others, which are then used to commit fraud.

W

Worm:
Worms are programs similar to viruses, but unlike them, are able to make copies of them and spread through the network to infect other computers, without user intervention. One of the most common worm propagation is sending mass emails to contacts in address books of users.

Up

For more information, please contact:
ServiciosBancaElectronica@bancobcr.com