Fraud Speak — Learn the Lingo to Beat Scammers
Istock
To spot online fraud, it helps to learn the language of scammers and hackers.
En español | Time was when whaling was done by Captain Ahab and ghosting by Casper. Today the words describe dirty deeds done by scammers. These two terms are part of a dialect of deception that constantly evolves with new schemes or twists on existing ones. Knowledge is power. So to help you boost your fraud prevention know-how, here's a guide to the latest terms in the lexicon of larceny — and the common cons behind them.
Brute-force attack: A hacking method to find passwords or encryption keys by trying every possible combination of characters until the correct one is found.
Catfish: Someone who creates a fake online profile to intentionally deceive you.
Drive-by download: The downloading of a virus or malware onto your computer or mobile device when you visit a compromised website — it happens without your clicking on anything at the site.
Ghosting: Theft of the identity of a deceased person to fraudulently open credit accounts, obtain loans or get utility or medical services in the person's name.
Hash busters: The random words or sentences contained in spam emails that allow these emails to bypass your spam filters.
Keylogger: A clandestine program that logs sequential strokes on your keyboard and sends them to hackers so they can figure out your log-in credentials.
Malvertising: Malicious online advertising that contains malware — software intended to damage or disable computers.
Man-in-the-middle attack: When a fraudster secretly intercepts and possibly alters messages between two parties who believe they are securely communicating with each other.
Pharming: When hackers use malicious programs to route you to their own websites (often convincing look-alikes of well-known sites), even if you've correctly typed in the address of the site you want to visit.
Phishing: The act of trying to trick you, often by email, into providing sensitive personal data or credit card accounts, by a scammer posing as a trusted business or other entity.
Ransomware: A malicious program that restricts or disables your computer, hijacks and encrypts files, and then demands a fee to restore your computer's functionality.
Scareware: A program that displays on-screen warnings of nonexistent infections on your computer to trick you into installing malware or buying fake antivirus protection.
Skimming: The capture of information from the magnetic stripe on credit and debit cards by "skimmer" devices that are secretly installed on card-reading systems at gas pumps, ATMs and store checkout counters.
Smishing: Phishing attempts that go to your mobile devices via text message, telling you to call a toll-free number. Named for SMS (short message service) technology.
Spear-phishing: Phishing with personalized email, often appearing to be from someone you know.
Spoofing: Any situation in which a scammer masquerades as a specific person, business or agency, but typically meaning the manipulation of your telephone's caller ID to display a false name or number.
Spyware: A type of malware installed on your computer or cellphone to track your actions and collect information without your knowledge.
Vishing: Short for "voice phishing," the use of recorded phone messages intended to trick you into revealing sensitive information for identity theft.
Whaling: Phishing attempt on a "big fish" target (typically corporate executives or payroll departments) by a scammer who poses as its CEO, a company attorney or a vendor to get payments or sensitive information.
Sid Kirchheimer is the author of Scam-Proof Your Life, published by AARP Books/Sterling.
Also of Interest
- There's a problem with the new chip credit cards
- Investment fraud vulnerability quiz
- Are you an easy mark?
Join AARP Today — Receive access to information, benefits and discounts