Every time you open an e-mail, click a link or plug in a USB stick, you invite outside code onto your machine. Most of it is harmless or even helpful—but a small slice is written to steal, spy, or simply break things for fun. This article walks you through every common negative term you're likely to hear, from "virus" to "zero-day," in simple, human language. By the end you'll know what the threats are, how they get in, and what you can do to keep them out.
1. Malware: the bad programs themselves
Malware = "malicious software." It's an umbrella word for any program that does something you wouldn't want.
Term | What it means in one sentence |
---|---|
Virus | A hitch-hiker that hides inside another file; when you open that file it runs and copies itself into more files. |
Worm | A self-propelled program that jumps from one computer to another over the network—no file needed, no human clicks required. |
Trojan horse | Software that looks useful (a "free" game, a PDF) but secretly does harmful things once installed. |
Ransomware | Locks or scrambles your files, then demands payment (usually in crypto) to unlock them. |
Spyware | Watches what you type and where you click, then sends the details to someone else. |
Adware | Floods you with pop-ups or redirects your browser to make advertising money. |
Rootkit | Buries itself deep inside the operating system so security tools can't see it. |
Keylogger | Records every keystroke—logins, credit-card numbers, private chats. |
Bot / Botnet | A bot is a machine under someone else's remote control; a botnet is thousands of them acting together. |
Logic bomb | Code that stays dormant until a certain date, time, or trigger, then fires. |
Backdoor | A secret entrance intentionally left by an attacker (or sloppy developer) for later access. |
PUP (Potentially Unwanted Program) | Software piggy-backed onto installers—legal but sneaky. |
Cryptojacker | Uses your CPU/GPU in the background to mine cryptocurrency for the attacker. |
Fileless malware | Lives only in memory; leaves almost no footprint on disk, making it hard to detect. |
2. Flaws attackers exploit
Good people write buggy code; bad people look for those bugs.
Term | Plain-English meaning |
---|---|
Bug | Any coding mistake that makes the program misbehave. |
Vulnerability | A bug that can be used as an open door for attackers. |
Zero-day | A vulnerability nobody (officially) knew about yesterday, so there are "zero days" of defense. |
Exploit | The recipe or program that takes advantage of a vulnerability. |
Patch | A software update that fixes the vulnerability (install these!). |
3. How attackers deliver the payload
Knowing the tricks is half the defense.
Tactic | How it works |
---|---|
Phishing | Emails or texts that impersonate someone you trust and ask you to click a malicious link or share a password. |
Social engineering | Any con game that targets the human, not the computer—e.g., a phone call claiming to be "IT support." |
DDoS (Distributed Denial of Service) | Millions of bots hammer a website until it collapses under traffic. |
Man-in-the-Middle (MITM) | An attacker secretly intercepts and can change messages between two parties. |
SQL injection | Sneaking database commands into a web-form field to steal or alter data. |
Cross-Site Scripting (XSS) | Injecting JavaScript into a trusted website so it runs in other users' browsers. |
Session hijacking / Cookie theft | Stealing your login token so the attacker can act as you without the password. |
DNS spoofing | Tampering with internet address look-ups to send you to a fake site. |
Brute-force attack | Rapidly guessing passwords until one works. |
Watering-hole attack | Infecting a site the target group is known to visit, waiting for them to come to you. |
Supply-chain attack | Compromising a legitimate software update or vendor so the malware arrives signed and trusted. |
4. Quick Safety Checklist
-
Update everything – Patches close holes before attackers can use them.
-
Use strong, unique passwords – A password manager makes this painless.
-
Turn on multi-factor authentication – Even if a password leaks, the attacker needs the second factor.
-
Think before you click – Hover over links, double-check sender addresses.
-
Back up important data – Offline backups make ransomware toothless.
-
Run reputable security software – Real-time scanning catches known threats.
Cyber threats can sound intimidating, but most attacks rely on the same few tricks: outdated software, weak passwords or trusting the wrong link. By understanding the names and the basic ideas behind them, you're already better armed than most internet users. Stay curious, stay updated, and remember that in security, common sense beats panic every time.
Comments
Post a Comment