top of page
    • Aug 29

Jargon busting: know your VPNs from your MFAs

Have you ever read an article about cyber security or technology and stopped reading halfway through due to the use of jargon or baffling lingo? If so, this blog may help you...



Let's be honest - when you hear the term "cyber security," do your eyes glaze over? Do you think, "This doesn’t concern me" or "Cybercrime won’t happen to me"? The reality is, cyberattacks are a very real threat, and it’s something you do need to take seriously.

 

Whether it’s a suspicious text asking for payment or an email from someone pretending to be a colleague requesting sensitive business documents, cyber threats can happen to anyone at any time.

 

Maintaining cyber resilience is crucial for your business. Yes, the terminology can be daunting, but at the East Midlands Cyber Resilience Centre (EMCRC), we’re dedicated to making cyber-related matters more accessible - especially for small businesses that lack the internal IT support that larger companies often have.

 

To help you get started, below is a list of common cyber terms and their meanings...



  • 2FA (Two-Factor Authentication): The use of two different methods to verify a user's identity, also known as multi-factor authentication (MFA). See below.

  • MFA (Multi-Factor Authentication): An authentication method requiring two or more verification factors to gain access. MFA adds yet another level of security.

  • Anti-virus: Software designed to detect, stop, and remove viruses and other types of malicious software.

  • Breach/Data Breach: An incident where data, computer systems, or networks are accessed or compromised in an unauthorised way.

  • Encryption: A mathematical process that protects information by making it unreadable to anyone without the key to decode it.

  • Malware: A term for malicious software, including viruses, trojans, worms, or any code that could harm organisations or individuals.

  • Spyware: Malware designed to collect and steal sensitive information from the victim without their knowledge. It can monitor internet activity and harvest usernames, passwords, financial information, and more.

  • Ransomware: Malicious software that renders data or systems unusable until a ransom is paid (although we would never endorse a ransom be paid, as that is not only funding organised crime, but the threat actor may demand more money after the initial payment is made, and they may also not release your data at all).

  • Threat actors: Threat actors, also known as cyberthreat actors or malicious actors, are individuals or groups that intentionally cause harm to digital devices or systems.

  • Social Engineering: The manipulation of people into performing actions or divulging information useful to an attacker.

  • Patching: The process of applying updates to firmware or software to improve security and functionality.

  • Phishing: A cybercrime where targets are contacted by email, phone, or text by someone pretending to be a legitimate entity, to steal sensitive information such as personal details, banking info, or passwords.

  • Quishing: Threat actors are employing QR codes within their emails or attachments that re-direct users to a spoofed page. In some cases, legitimate QR codes for menus on restaurant tables and car park pay stations have been covered with stickers which re-directs the user to a malicious domain.

  • Smishing: Phishing via SMS - mass text messages sent to users asking for sensitive information or urging them to visit a fake website.

  • Whaling: A whaling attack is a type of phishing attack where a particularly important person in the organisation is targeted. It hinges on the cyber criminal pretending to be a senior member of the organisation to gain the trust of the intended target.

  • Spear phishing: Spear phishing is a type of phishing attack that targets a specific individual, group or organisation. These personalised scams trick victims into divulging sensitive data, downloading malware or sending money to an attacker.

  • Virus: A type of malware that can self-replicate and is designed to infect legitimate software or systems.

  • VPN (Virtual Private Network): An encrypted network often created to provide secure connections for remote users, such as in an organisation with multiple office locations.

  • Vulnerability: A weakness or flaw in software, a system, or a process that an attacker might exploit to gain unauthorised access.


If you're interested in learning more about the support and guidance that the EMCRC offers - including our free information pack and community membership - please take a look around this website or contact us today.


 

Reporting

Report all Fraud and Cybercrime to Action Fraud by calling 0300 123 2040 or online. Forward suspicious emails to report@phishing.gov.uk. Report SMS scams by forwarding the original message to 7726 (spells SPAM on the keypad).

 

Comments

The contents of blog posts on this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of East Midlands Cyber Resilience Centre (EMCRC) is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others. Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. EMCRC provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us by email.

 

EMCRC does not accept any responsibility for any loss which may arise from reliance on information or materials published on this blog. EMCRC is not responsible for the content of external internet sites that link to this site or which are linked from it.

bottom of page